Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Running cursor and bottom scroll ??


  • This topic is locked This topic is locked
7 replies to this topic

#1 jocko7874

jocko7874

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:MANILA
  • Local time:02:43 AM

Posted 02 November 2017 - 08:43 PM

I AM NOT sure if I need a new keyboard or if virus, trojan, etc related.

 

Keeps scrolling to bottom of page. But if i hold the F2 key down it stops scroll to bottom of page. 

However the second I let it go....back it goes to the bottom.

 

Same with the cursor....it just keeps going from left to right, and if I press backspace it goes back as long as i am depressing the F2key?

 

Any suggestions be appreciated.....my thumb is getting worn down to the bone soon  he he he.

 

ASUS x604t 8.1 windows.

 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,965 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 AM

Posted 03 November 2017 - 08:25 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

The first thing I would is change my mouse.

Borrow one or get a new one.

If possible for you to download and run this program please do it.

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===


Please post the logs.

#3 jocko7874

jocko7874
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:MANILA
  • Local time:02:43 AM

Posted 07 November 2017 - 03:39 PM

Thanks nasdaq....

 

Me complied with all you stated to help me....about 3 weeks ago....but when I posted the frst scan 2 reports....it said....:cannot post cause there is a virus present ....or something like that....ne suggestions how I should do it...

 

Will do another scan when to your next reply for a fresh scan...

 

earl



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,965 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 AM

Posted 08 November 2017 - 07:36 AM

Try to copy and paste the contents of the FRST.txt and Addition.txt File?

If you get an error please give me the error message.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,965 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 AM

Posted 13 November 2017 - 08:12 AM

Are you still with me?

#6 jocko7874

jocko7874
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:MANILA
  • Local time:02:43 AM

Posted 02 January 2018 - 11:08 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.01.2018
Ran by Earl (administrator) on ASUS (03-01-2018 11:53:58)
Running from C:\Users\Earl\Desktop\FRST-OlderVersion
Loaded Profiles: Earl (Available Profiles: Earl)
Platform: Microsoft Windows 8.1 with Bing (Update) (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7814600 2017-11-09] (Piriform Ltd)
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\MountPoints2: {fcf3576f-cb49-11e7-9735-bcc83a68ec25} - "D:\AutoPlay.exe" -c
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2017-11-17]
ShortcutTarget: Acrobat Assistant.lnk -> C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{4BD3D58F-1305-4532-986B-CC1C3F68F027}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4BD3D58F-1305-4532-986B-CC1C3F68F027}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{CBED9D25-4647-4D5A-A9B8-4D17C383CD3B}: [DhcpNameServer] 40.53.1.201 40.53.1.203

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope value is missing
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ywtbzehh.default
FF ProfilePath: C:\Users\Earl\AppData\Roaming\Mozilla\Firefox\Profiles\ywtbzehh.default [2018-01-03]
FF Homepage: Mozilla\Firefox\Profiles\ywtbzehh.default -> hxxps://login.yahoo.com/?.src=ym&.intl=us&.done=https%3A%2F%2Fmail.yahoo.com%2F
FF Session Restore: Mozilla\Firefox\Profiles\ywtbzehh.default -> is enabled.
FF Extension: (Avast Online Security) - C:\Users\Earl\AppData\Roaming\Mozilla\Firefox\Profiles\ywtbzehh.default\Extensions\wrc@avast.com.xpi [2017-12-21]
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2013-07-13] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2013-07-13] (Intel Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-20] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://us.yahoo.com/
CHR StartupUrls: Default -> "hxxp://yahoo.us/","hxxps://ipleak.net/","hxxp://us.yahoo.com/","hxxp://google.com.usa/","hxxp://www.yahoo.com/","hxxp://sports.yahoo.com/","hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-03-31&ent=hp&u=5FF201377F05C9C9FBE954533857D17D","hxxps://us.yahoo.com/","hxxps://www.google.com/","hxxps://www.yahoo.com/"
CHR Profile: C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default [2018-01-03]
CHR Extension: (Flash Video Downloader) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-11-15]
CHR Extension: (Docs) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02]
CHR Extension: (Google Drive) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-02]
CHR Extension: (YouTube) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-02]
CHR Extension: (Honey) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2017-12-21]
CHR Extension: (Thesaurus.com - Synonyms and Antonyms) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\clljlcapeomdokpgadmegpabakieebci [2017-11-15]
CHR Extension: (Pricescout - Price Comparison & Coupons) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkjddnnlgmahpnjjkiolhoophlpibfn [2017-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-02]
CHR Extension: (Google Voice (by Google)) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2017-11-15]
CHR Extension: (Scanguard Web Shield) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkljlnkimgcfmiklhilenokeckdiiepf [2017-12-27]
CHR Extension: (Video Downloader professional) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmdldgcmokdpmacblnehppgkjphcbpnn [2017-12-26]
CHR Extension: (Superblock Extended - Adblocker) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmljjoddjjkoidiahlgbgjjgodcajhgf [2017-11-02]
CHR Extension: (Poppit!) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-02]
CHR Extension: (Adblock Pro) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-11-15]
CHR Extension: (Gmail) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14]
CHR Extension: (uBlock Adblocker Plus) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnhflmgomffaphmnbcogleagmloijbkd [2017-11-24]
CHR HKLM\...\Chrome\Extension: [kkljlnkimgcfmiklhilenokeckdiiepf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pmagdleikobihfikldcpmgfjcppcddnf] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2014-05-15] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [115512 2014-03-27] (ASUSTek Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-22] (ASUS)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1677016 2015-04-25] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [281488 2014-09-26] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [75264 2014-06-24] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [89088 2014-06-24] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [82432 2014-06-24] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [281488 2014-09-26] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [586752 2013-07-02] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [637912 2013-07-02] (Intel® Corporation)
R2 jhi_service; C:\Program Files\Intel\TXE Components\DAL\jhi_service.exe [168216 2014-01-15] (Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280872 2017-01-13] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103696 2017-01-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-03] (ASUS)
R3 AsusHID; C:\Windows\System32\drivers\AsusHID.sys [70424 2015-01-01] (ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [17720 2013-07-03] (ASUSTek Computer Inc.)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [97896 2013-07-18] (ASIX Electronics Corp.)
R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [307928 2015-04-25] (Broadcom Corp)
R3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [145112 2015-04-25] (Broadcom Corporation.)
R3 BtwSerialBus; C:\Windows\system32\DRIVERS\BtwSerialBus.sys [132312 2015-04-25] (Broadcom Corporation.)
R3 camera; C:\Windows\system32\DRIVERS\camera.sys [460800 2014-06-25] (Intel Corporation)
R3 DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [17408 2014-06-24] (Intel Corporation)
R3 DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [19968 2014-06-24] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [28160 2014-06-24] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [72704 2014-06-24] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [174080 2014-06-24] (Intel Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [23552 2014-05-16] (Intel Corporation)
R3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [16896 2014-03-21] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch.sys [17720 2013-10-08] (ASUS)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [62464 2014-05-16] (Intel Corporation)
R3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [87552 2014-03-21] (Intel Corporation)
S0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [522600 2014-06-26] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [32152 2014-08-02] (Intel Corporation)
R3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [264704 2014-11-26] (Intel® Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [23448 2014-08-02] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [21968 2014-03-15] (Intel Corporation)
R1 MpKsl3e07380d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4EA1DC14-1E59-4228-8556-28663C12173C}\MpKsl3e07380d.sys [49504 2018-01-03] (Microsoft Corporation)
S3 NETwNs32; C:\Windows\system32\DRIVERS\Netwsn00.sys [10372096 2013-06-18] (Intel Corporation)
R3 PMIC; C:\Windows\System32\drivers\PMIC.sys [66560 2014-07-01] (Intel Corporation)
R3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [226520 2014-12-04] (Realtek Semiconductor Corp.)
R3 TXEI; C:\Windows\System32\drivers\TXEI.sys [75792 2014-01-09] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [38920 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [231256 2017-01-13] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [85336 2017-01-13] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]

========================== Drivers MD5 =======================

C:\Windows\System32\drivers\1394ohci.sys F7B9F821CF1C31B266F60A5733F8119A
C:\Windows\System32\drivers\3ware.sys 57F7923ACC5009218F6591B3C0F62E07
C:\Windows\System32\drivers\ACPI.sys 97E855ABBF94A5B979BB3070833AE71C
C:\Windows\System32\Drivers\acpiex.sys DCA3C5F55150B3AEB8B75A5E8D1156DC
C:\Windows\System32\drivers\acpipagr.sys EE103776F838AE570EDBB2C1FB1356AF
C:\Windows\System32\drivers\acpipmi.sys AC1BAD06E47D090C553FDEEAD1A7C463
C:\Windows\System32\drivers\acpitime.sys 519FA16CFE54F107861501D852322AEF
C:\Windows\System32\drivers\ADP80XX.SYS D614199DF507F1047D2C9ADB89BDD49E
C:\Windows\system32\drivers\afd.sys 2B204EEC6A78BB9730927A28435DFEB4
C:\Windows\system32\DRIVERS\AGRSM.sys 7E10E3BB9B258AD8A9300F91214D67B9
C:\Windows\System32\drivers\agp440.sys 7A706DCF874214097A30694D3B686866
C:\Windows\System32\DRIVERS\ahcache.sys C758755F80B98F9F7DD413DB870961B7
C:\Windows\System32\drivers\amdagp.sys E7E154969EEDB8E8FC2C80DF690A175A
C:\Windows\System32\drivers\amdk8.sys D9707ECC59834964EBA0D9D6C87305F6
C:\Windows\System32\drivers\amdppm.sys 7E4E0841365A02F77BD8497CCE347179
C:\Windows\System32\drivers\amdsata.sys 5558A0EB3082EAC88C0578ABCE0C707D
C:\Windows\System32\drivers\amdsbs.sys FB1A73A850C812F63BA9D174AB97BFB6
C:\Windows\System32\drivers\amdxata.sys 43352B9C7917984404F893AD10468F63
C:\Windows\system32\drivers\appid.sys 07501A1B68BD333B3C61D4A5CFBB021F
C:\Windows\System32\drivers\arcsas.sys 0554DE27A3B4527C000073CEA0E84D1B
C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys B9FDFA552EBA5B4BF377F7CCEC9B8BC7
C:\Windows\System32\drivers\AsusHID.sys D4EBE02927E26EC1D16F56A2C963E8E5
C:\Windows\system32\DRIVERS\asyncmac.sys 437EAC134721F0BA2D856FA3B2622F7B
C:\Windows\System32\drivers\atapi.sys 72FCAE2CE6DFEAB2AB072435017F3417
C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys 6C0668BB88AC2DE0EFDB76166C577E94
C:\Windows\system32\DRIVERS\ax88772.sys 7681222D4AE9779B5CD0C6D7AB16E4E3
C:\Windows\System32\drivers\BasicDisplay.sys 235EAE5E6E5F3F0DD49DA9204F86976E
C:\Windows\System32\drivers\BasicRender.sys 8F59B574BCEFA7EC8F24959FDAA3A146
C:\Windows\System32\drivers\bcmfn2.sys 9BAB0675B0910424FEEABECEF647896B
C:\Windows\system32\DRIVERS\bcmdhd63.sys 4097314EBA661E94BA1C127E69EE63B7
C:\Windows\system32\Drivers\Beep.sys 38058AF65F15D0E9E1A5A9B8E75B0757
C:\Windows\System32\DRIVERS\bowser.sys 4E3071E55F83A28E0B6B4F8CDDF7B3F4
C:\Windows\System32\drivers\BthAvrcpTg.sys 48590B2DBCE55AC0DF0F7A3F23204CBF
C:\Windows\System32\drivers\BthEnum.sys 9CDC68D1B3D7EE582BA0550E738163B9
C:\Windows\System32\drivers\bthhfenum.sys 84CF99F7190D54D4C72E0F5D008BF88C
C:\Windows\System32\drivers\BthHFHid.sys 1C0791BC4DC2AE0B41F8E84CD3154929
C:\Windows\system32\DRIVERS\BthLEEnum.sys 0957FAE86F9E920BF3727769D87002A8
C:\Windows\System32\Drivers\BTHMINI.sys 0A5BD61C7D9225E5DB10EAA872B99501
C:\Windows\System32\drivers\bthmodem.sys 9B32997052780FF5343949BF7B85E2EA
C:\Windows\System32\drivers\bthpan.sys 1576D5370E1514ABC729920B6798BE82
C:\Windows\System32\Drivers\BTHport.sys BAB1EC541CB36911D808F9E25D4736F6
C:\Windows\system32\DRIVERS\btwampfl.sys 6ABD58514ECAB6429BEC060D95DC1148
C:\Windows\system32\DRIVERS\BtwSerialBus.sys 67EF2FACC910BD07A63D6E89A8BC3DFC
C:\Windows\system32\DRIVERS\camera.sys 70A8E326B99FCC8320015A880F59F76C
C:\Windows\System32\DRIVERS\cdfs.sys CE232BB0965C0C0B786C3F976CCBFB7D
C:\Windows\System32\drivers\cdrom.sys E2FC132D48EA4E8B04432C33EFB77801
C:\Windows\System32\drivers\circlass.sys 98294CE233DE8687CEEC29BD632107D0
C:\Windows\System32\drivers\CLFS.sys 87A6853D97A19DF5446EAA0F189307F4
C:\Windows\System32\drivers\CmBatt.sys 6D46D1CCDA47E9B76F2D7FF4417D31AD
C:\Windows\System32\Drivers\cng.sys 7D9269AE019E57516BB470EFFDB8C7E4
C:\Windows\System32\DRIVERS\cnghwassist.sys EC086CEEC479CEDAD294D64D819CAABE
C:\Windows\System32\drivers\CompositeBus.sys F89853991E6A03526E17E4AE5239FD98
C:\Windows\System32\drivers\condrv.sys C8A7949EBAC42923D59B2C2630D2AD84
C:\Windows\System32\drivers\dam.sys 2ECC9D6E0104409B441EA7095233F323
C:\Windows\System32\Drivers\dfsc.sys ED6EE96632AC8DF092E484D9BB4EF3CD
C:\Windows\System32\drivers\disk.sys D3116CD30BE289BF97623E47520C3825
C:\Windows\System32\drivers\dmvsc.sys 0357F5F7C542249D8EAA4E6FCC69EE91
C:\Windows\system32\DRIVERS\DptfDevPower.sys 1703280F88AB05819478DAB24A9A6752
C:\Windows\system32\DRIVERS\DptfDevDisplay.sys 6D80C974C07221A7441B06160808EB9F
C:\Windows\system32\DRIVERS\DptfDevGen.sys 57598D59C953E4F0BC7C92070D5679DC
C:\Windows\system32\DRIVERS\DptfDevProc.sys C10CA1FF27E91EE1633505A84DA1C1E3
C:\Windows\system32\DRIVERS\DptfManager.sys C98F1252F4D562B06A8BF9F71B6B39E2
C:\Windows\system32\drivers\drmkaud.sys 3AF1DB24CE340245436F1E90E04F6392
C:\Windows\System32\drivers\dxgkrnl.sys DB3E5D2D33B39620F68F9EEC3B163FEE
C:\Windows\system32\DRIVERS\e1i6332.sys 939C1903636616277A82F8E8F68489D8
C:\Windows\System32\drivers\EhStorClass.sys AECFDE05D120822452BA8F606841B3FE
C:\Windows\System32\drivers\EhStorTcgDrv.sys BFDF5BA2B770B358CA607109240A739D
C:\Windows\System32\drivers\errdev.sys 6E7FD164E20C50F5A2D49AD0218FF4AE
C:\Windows\system32\Drivers\exfat.sys 630E4FAFAE692F2D2D3835A4F37A583C
C:\Windows\system32\Drivers\fastfat.sys 2B731E0CF73B392B1923078F464D96DB
C:\Windows\System32\drivers\fdc.sys F2D60D87B15FF8ABBDA27371EBBEFE0B
C:\Windows\System32\drivers\fileinfo.sys 878BE2CD1B68000D4BEEE293267B19CB
C:\Windows\System32\drivers\filetrace.sys 5C427FD4AFAEAC08882A70EDA5013AF8
C:\Windows\System32\drivers\flpydisk.sys BB2091E613F6F06F24FF9507E0FAA20B
C:\Windows\System32\drivers\fltmgr.sys 0E647295EA5573F06DDD42F0FDFF254A
C:\Windows\System32\drivers\FsDepends.sys 73F944AA04157781172CAD535AB6E172
C:\Windows\system32\Drivers\Fs_Rec.sys 6496F5E84CBC8C6D697939D6518D9B7A
C:\Windows\System32\DRIVERS\fvevol.sys A58318CA9F98AAB207D4C84868490D1D
C:\Windows\System32\drivers\fxppm.sys B3CDDF19F6201210B8785FFD642A1632
C:\Windows\System32\drivers\gagp30kx.sys 2DC88A077B783AFD416CDEE7BDE63868
C:\Windows\System32\drivers\vmgencounter.sys 2156802A56276A97FB6892412A0B899D
C:\Windows\System32\drivers\iaiogpioe.sys 7C2B97F9368383AEAF4D3DC1A9D6C075
C:\Windows\System32\Drivers\msgpioclx.sys FB1DB2A2663D59FEB04F4311861C7022
C:\Windows\System32\drivers\iaiogpiovirtual.sys 148B5ADE03272086B6936E219D4536F3
C:\Windows\system32\drivers\HdAudio.sys 449688B15D29787C8A440D6ECA9925B5
C:\Windows\System32\drivers\HDAudBus.sys 7E0EDA9EE53E344D1604EB2A7E8DED47
C:\Windows\System32\drivers\HidBatt.sys 5C5BF3E47BB6B07FAD8EA4565159659E
C:\Windows\System32\drivers\hidbth.sys 4A59C5DAF29CC28DA966C57DB863655E
C:\Windows\System32\drivers\hidi2c.sys 4AC33C5E591F9845E34DA8681E558A58
C:\Windows\System32\drivers\hidir.sys 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1
C:\Windows\System32\drivers\AsHIDSwitch.sys 828B281E7D28C4B6561BBAF474D1F4BF
C:\Windows\System32\drivers\hidusb.sys 71E4AD300E86C0754D6070FB92475CF7
C:\Windows\System32\drivers\HpSAMD.sys BA073FD7F6C94FF18F97DF8F0297ED62
C:\Windows\System32\drivers\HTTP.sys 620501A5FFBB48EB3D70D9FF80EBD70A
C:\Windows\System32\drivers\hwpolicy.sys FAEB94F3ACCDFDA16E5FA585369FDEC4
C:\Windows\System32\drivers\hyperkbd.sys 2DDC60AD29D845A745C9ECAAE35FC477
C:\Windows\system32\DRIVERS\HyperVideo.sys D360FFBA289307976BE1BBE7BE792F58
C:\Windows\System32\drivers\i8042prt.sys 5043E69532392A43549E5D41E22638AA
C:\Windows\System32\drivers\iaioi2ce.sys A51D288022A2BB8743D118C135AB244A
C:\Windows\System32\drivers\iaiouart.sys B2093AFC903A92F6118368248BBC50AD
C:\Windows\System32\drivers\iaStorA.sys 1DAAFC850CA7E3E697E83A69F494E731
C:\Windows\System32\drivers\iaStorAV.sys 387637FC01BA30E95A2330DA3FFD0919
C:\Windows\System32\drivers\iaStorV.sys D2E7F3611BB8F1C2661B8F7858D33A35
C:\Windows\system32\DRIVERS\igdkmd32.sys 44984E17657E0DE38714263E6E869682
C:\Windows\system32\drivers\intelaud.sys BE37CE00B9ACDA579F799E61148C7624
C:\Windows\System32\drivers\intelide.sys B0F92A795C7E48E2C5F908265C655458
C:\Windows\System32\drivers\intelpep.sys 95BD617B467F746553AD1FC523F5D2B6
C:\Windows\System32\drivers\intelppm.sys 6DD61D8AFB56C9F853210C49FD4D8C16
C:\Windows\system32\drivers\isstrtc.sys 1CCE96CD6D5A9CAA2FFEDB046A0AC17E
C:\Windows\System32\DRIVERS\ipfltdrv.sys 23B5C10891B64FB4261F9FCADF24FE28
C:\Windows\System32\drivers\IPMIDrv.sys 3DC0D272D298B3AC09794E89FFB78BCD
C:\Windows\System32\drivers\ipnat.sys FA6C94C754A566EA8A61D658932F32DE
C:\Windows\System32\drivers\irenum.sys ADF675CF9EB57229E9D13BC2F5D4719D
C:\Windows\System32\drivers\isapnp.sys 2A0D17D431F13E87ADCB28DEEC84F252
C:\Windows\System32\drivers\msiscsi.sys ECDC74BA83C8A10C1AFBFC30E0AEC9E1
C:\Windows\System32\drivers\iwdbus.sys DC270EA3E059D38A2382A7D3760A91AE
C:\Windows\System32\drivers\kbdclass.sys 4504C8B75A6B2E5BE800DE03B26891D3
C:\Windows\System32\drivers\kbdhid.sys 8BAF1904393EACA7178A5EF962256D3F
C:\Windows\system32\DRIVERS\kdnic.sys 7F896C99637CB0E48262F307FC0F3557
C:\Windows\System32\Drivers\ksecdd.sys AE42F929AF51FADDF28B31A9B5449A0F
C:\Windows\System32\Drivers\ksecpkg.sys ED85B5DD11C9624DA19A33CE3751E74F
C:\Windows\system32\DRIVERS\lltdio.sys 369ED2626209D245BA1CEBB626F9A376
C:\Windows\System32\drivers\lsi_sas.sys 876BA8550E9F1F4EF8A7D056E66678F6
C:\Windows\System32\drivers\lsi_sas2.sys 6FB4E344E66F7243D23F0F52A9610790
C:\Windows\System32\drivers\lsi_sas3.sys 2E61D97CA19BBECCCF7CDE9C0C7392B5
C:\Windows\System32\drivers\lsi_sss.sys 3986C8FAA6E397725024E7189BAC69CE
C:\Windows\system32\drivers\luafv.sys B5DD71CB8B6A832FC06BF9B8FCAAD7CC
C:\Windows\System32\drivers\MBI.sys EBFB06184BE82D1316EDA56739AF6B94
C:\Windows\System32\drivers\megasas.sys EE038F0B57FD34B872AE2ADD7679C1E2
C:\Windows\System32\drivers\megasr.sys 2E3BE5DA8078B170DA14CE3181C5D3AC
C:\Windows\System32\drivers\modem.sys FFE175CCDA4BC0278E88149F183B6C5E
C:\Windows\System32\drivers\monitor.sys 523C526BBB796FC2087C0C8AC2B669BD
C:\Windows\System32\drivers\mouclass.sys 1B621475FA22B947B60EE004A8EE11F5
C:\Windows\System32\drivers\mouhid.sys 64DAA33D69C4442AD4CC52D478895355
C:\Windows\System32\drivers\mountmgr.sys 531616189685907D8F2EF165F1C2A185
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4EA1DC14-1E59-4228-8556-28663C12173C}\MpKsl3e07380d.sys 8D085FF70068FAEE00320CFD9D9A09A8
C:\Windows\System32\drivers\mpsdrv.sys 4B300E2D06B03410064CF443E1CE6B25
C:\Windows\system32\drivers\mrxdav.sys 241E2BF9F8A771CDB8BA5CB3EBF3E19D
C:\Windows\System32\DRIVERS\mrxsmb.sys 4B9F77B2AC8F364549D68FB75D4F1B84
C:\Windows\System32\DRIVERS\mrxsmb10.sys 9D8C02815A62077B566003CE0CB39C89
C:\Windows\System32\DRIVERS\mrxsmb20.sys B6DE3E066F1F62AD4EE1222EB167E83A
C:\Windows\system32\DRIVERS\bridge.sys 1188DC48CB36F31A3624BB9504F77AEE
C:\Windows\system32\Drivers\Msfs.sys D99C98D630C34A448A93DE552DC7DD68
C:\Windows\System32\drivers\msgpiowin32.sys 22FFBD5F9BCE2E970C617B95103079DC
C:\Windows\System32\drivers\mshidkmdf.sys 30DA16E72C4CB4D5F06D35D0DFA16E2C
C:\Windows\System32\drivers\mshidumdf.sys 26B1961255650B59107FC4990B2CEF34
C:\Windows\System32\drivers\msisadrv.sys BF7ABD4461576528028FB86633A7EA24
C:\Windows\system32\drivers\MSKSSRV.sys 0B2A5AB2591D7F6E8E64A0516325F2AD
C:\Windows\system32\DRIVERS\mslldp.sys 2B1E1DA9C5FA25DB8DAC2F34BCF10196
C:\Windows\system32\drivers\MSPCLOCK.sys 86729EC40EB28DBBAB6A672B138B4DC5
C:\Windows\system32\drivers\MSPQM.sys 4E5FB5BD76165A81EE181A82EB665C8A
C:\Windows\system32\Drivers\MsRPC.sys C90BB8C3DC3F50FBA1A668B844C84315
C:\Windows\System32\drivers\mssmbios.sys CF61A813430B7F12452BCED287135676
C:\Windows\system32\drivers\MSTEE.sys C323F63D61AD8CEC79B3CF4B8463B208
C:\Windows\System32\drivers\MTConfig.sys 06442D8CA4425EFF66F47D8F82493450
C:\Windows\System32\Drivers\mup.sys 6CD6189DFA649EEBFCBE81CB30030355
C:\Windows\System32\drivers\mvumis.sys 8122A46E9A5EBD2E001FF5FB34A12A47
C:\Windows\system32\DRIVERS\nwifi.sys A8464A9952313B509991875BFAD3B34A
C:\Windows\System32\drivers\ndis.sys A424C178E62FE65C4C7A2EC4BCE1EA3E
C:\Windows\system32\DRIVERS\ndiscap.sys 9FA562E35A0263FBD01D44559224D46B
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 873FCE0E787BC74059941D597BE630E0
C:\Windows\system32\DRIVERS\ndistapi.sys BD856EB36898EFA1B11346996ECA764C
C:\Windows\system32\DRIVERS\ndisuio.sys 1D34650E97E74DF51BD86E0A102DB241
C:\Windows\System32\drivers\NdisVirtualBus.sys 53D21FFC20728406A20BCCF145DC2AD4
C:\Windows\system32\DRIVERS\ndiswan.sys 11312D35028616E585DCF02AFAFA56DC
C:\Windows\system32\DRIVERS\ndiswan.sys 11312D35028616E585DCF02AFAFA56DC
C:\Windows\system32\Drivers\NDProxy.sys 9F76B41778F62A7E582ADA902E8D149E
C:\Windows\System32\drivers\Ndu.sys C6003C8BB723B4D7FCDFB4C419D676A1
C:\Windows\System32\DRIVERS\netbios.sys F0F2377D72E48EBCA9B9BE5F3DE3F355
C:\Windows\System32\DRIVERS\netbt.sys 63D70491891A33F1EF4085588770A335
C:\Windows\system32\DRIVERS\netvsc63.sys 6A90783186DA0F93D21C805F6FAFD9CE
C:\Windows\system32\DRIVERS\Netwsn00.sys 5B6B4F399CE724EFC099672D26EF4377
C:\Windows\system32\Drivers\Npfs.sys 6CB2336E1C247A8164ADFF8A0D2FBCA4
C:\Windows\System32\drivers\npsvctrig.sys 1B134DECC25E59D0C8AD95B64D475297
C:\Windows\System32\drivers\nsiproxy.sys 136B97CCC3F7AC46FE06AD492163DF91
C:\Windows\system32\Drivers\Ntfs.sys 71999387B0EBF2582076716688AD94B2
C:\Windows\system32\Drivers\Null.sys C68CBBB69A8C611EFA668FA36DE542D9
C:\Windows\System32\drivers\nvraid.sys CE9BC6B9B2D5A9782B20B8EF1D48FC6E
C:\Windows\System32\drivers\nvstor.sys 8BC42FC48C9DB301025D7A5C6B20ECD9
C:\Windows\System32\drivers\nv_agp.sys 5FC39F8B065128F2A59F92EE9AE3F286
C:\Windows\System32\drivers\parport.sys 86B928F774B48AC71E16BD5527B0DA21
C:\Windows\System32\drivers\partmgr.sys C503DA12698E7F775F8252F7A6FEA47F
C:\Windows\System32\drivers\parvdm.sys B6ED9C3699F7A32142B68AECDF295223
C:\Windows\System32\drivers\pci.sys 0A2BBE5E87374A32E4B1A5EEE582AE6C
C:\Windows\System32\drivers\pciide.sys 05C7426981598F0E45824BC912D5177B
C:\Windows\System32\drivers\pcmcia.sys F404AA7E499C83117C7442C2C2801C03
C:\Windows\System32\drivers\pcw.sys E0F759702BBA5095CB0AE570333B194B
C:\Windows\System32\drivers\pdc.sys 0DA829F8B69E428086363F5546B3DC32
C:\Windows\System32\drivers\peauth.sys 1A9DFE5854BD66E28178431E9C96E77D
C:\Windows\System32\drivers\PMIC.sys 9568778A76EC4E538BCEA87A3928B69C
C:\Windows\system32\DRIVERS\raspptp.sys AB94C4DC37785915FF3F18DB9C55638F
C:\Windows\System32\drivers\processr.sys 0BE3706EE01AA76D1583E82AE2E680D6
C:\Windows\system32\DRIVERS\pacer.sys 9F6173E6F8E4034C008FCE29BFD4FBB2
C:\Windows\system32\drivers\qwavedrv.sys C619F26983C63B2BB1F6FDD6B52490E0
C:\Windows\System32\DRIVERS\rasacd.sys 91D50E991F182B40E10E06A9D21D8779
C:\Windows\system32\DRIVERS\AgileVpn.sys C543731C1A5AE31E202A082E2F4C4DDE
C:\Windows\system32\DRIVERS\rasl2tp.sys C51AB62AB41A2E8560D12472B204CC00
C:\Windows\system32\DRIVERS\raspppoe.sys 1B6351227867FBD8917769479F7D84A3
C:\Windows\system32\DRIVERS\rassstp.sys 8381166CCC89EB6875DEFDA4A3B8CE37
C:\Windows\System32\DRIVERS\rdbss.sys 8810FA3D36B8922B7BD1935378CD1667
C:\Windows\System32\drivers\rdpbus.sys 4E3C895DB9831A925CAFAF9F04FE89CC
C:\Windows\System32\drivers\rdpdr.sys 67E91843B0344411820A012063E876B2
C:\Windows\System32\drivers\rdpvideominiport.sys 3EE4808DA6AFB088E1111A2CA620E521
C:\Windows\System32\drivers\rdyboost.sys ED5DA057B5C00042CDF0E705C59B3CB1
C:\Windows\system32\DRIVERS\rfcomm.sys 5E3934F8ADC8D93064CC5E537637882C
C:\Windows\system32\DRIVERS\rspndr.sys A7B0D780D365635525B8A2B10CE493C4
C:\Windows\system32\DRIVERS\rtii2sac.sys 2B8B33609C9A2D79661413BC5958BE23
C:\Windows\System32\drivers\vms3cap.sys 14FC57F255EB705ECA023FB85D70BF7B
C:\Windows\System32\drivers\sbp2port.sys 98A297A744DDF9B2E14B05E511439ABC
C:\Windows\System32\DRIVERS\scfilter.sys D35A984D81C47A8AFC5FA6CE2B4EF9DA
C:\Windows\System32\drivers\sdbus.sys 777A2903082CA816CF57878A81DE1B61
C:\Windows\System32\drivers\sdstor.sys 6A90C0C56CABEAA19779434BA6A9875B
C:\Windows\system32\Drivers\secdrv.sys A8CC993CED4DF9710ADAABC9DA66B660
C:\Windows\System32\drivers\SerCx.sys B9B7306D989D3B205EE9637ABB937978
C:\Windows\System32\drivers\SerCx2.sys 617029159ED22EF9CB3F83FE5AF968CB
C:\Windows\System32\drivers\serenum.sys A652B755F4BBD800FF5024E858FCD306
C:\Windows\System32\drivers\serial.sys F5B043FE7A4A714DB1B231F5F847C13E
C:\Windows\System32\drivers\sermouse.sys 83F70AC05D00530EFAE71C913AEB5F3B
C:\Windows\System32\drivers\sfloppy.sys 4FC275DBBE9F48EB07418E066843058D
C:\Windows\System32\drivers\sisagp.sys 0EFBAF5C195B78D7897701EA3084AFA8
C:\Windows\System32\drivers\SiSRaid2.sys 447DAF85E9F4D53710636468AD9911EA
C:\Windows\System32\drivers\sisraid4.sys 5C08041AA0DB4FE983D496D820AFACB7
C:\Windows\System32\drivers\spaceport.sys 834A5578B7E264BB5A00DA849055B00F
C:\Windows\System32\drivers\SpbCx.sys E0A6F5DA31A1B0F3C8D8A4802F97667D
C:\Windows\System32\DRIVERS\srv.sys FB72FC44BBC3E12B922E4BF0B3179C71
C:\Windows\System32\DRIVERS\srv2.sys B688F280F425C68B328098A0C633F3C5
C:\Windows\System32\DRIVERS\srvnet.sys 4F00B256BBAD56AFB5308F6D88F771A3
C:\Windows\System32\drivers\stexstor.sys B4489EA5810BF73778CD8BDC305109CE
C:\Windows\System32\drivers\storahci.sys BA47EC0DC91660274059C437DC53D82B
C:\Windows\System32\DRIVERS\vmstorfl.sys FA5A48CAB745A7A8CB83ECFE26BD2A11
C:\Windows\System32\drivers\stornvme.sys BD6608D55780F0EF6DF665F0F2C14511
C:\Windows\System32\drivers\storvsc.sys 19AC4D3BB088AA4561036B220FEB99DE
C:\Windows\System32\drivers\swenum.sys BDD8121BEB8227A65D83C87FD4BE5AFE
C:\Windows\System32\drivers\tcpip.sys FA5E50F4439DF511DB20B1795E0C290F
C:\Windows\system32\DRIVERS\tcpip.sys FA5E50F4439DF511DB20B1795E0C290F
C:\Windows\System32\drivers\tcpipreg.sys 31D0E1BF76AA85F5A72F4FD488C3B508
C:\Windows\system32\DRIVERS\tdx.sys 2D65A3A3C09B5174539EA8E99CD2F4AD
C:\Windows\System32\drivers\terminpt.sys 87F4612CBEF6CD97043911BA43ABB53B
C:\Windows\system32\drivers\tpm.sys 7441A1E10500AC6229DDCE369A953929
C:\Windows\System32\drivers\tsusbflt.sys 3E87B8167BA1CA5274DFACC4856B3FD9
C:\Windows\System32\drivers\TsUsbGD.sys 3F6FA4385342780468C0FEE5D09BB431
C:\Windows\system32\DRIVERS\tunnel.sys C9AF1C4C24DA2FF092B1A4548EEC5ACB
C:\Windows\System32\drivers\TXEI.sys E325A435A38D1674CE61D43FA3BC3587
C:\Windows\System32\drivers\uagp35.sys 61FC1405334298EFE7D49970C5346551
C:\Windows\System32\drivers\uaspstor.sys 0E919230A74FA541CC5C2D3F917340B7
C:\Windows\System32\drivers\ucx01000.sys BC87FFF7ACB60F25CEE11C03856D2BFD
C:\Windows\System32\DRIVERS\udfs.sys 070CDA00BE4D9E4E92F5471B8D24CBD8
C:\Windows\System32\drivers\UEFI.sys 31C53FFBFD9977D3F2061627A69274D2
C:\Windows\System32\drivers\uliagpkx.sys 202F1C6EBA7D84F59C03E708F45A28C3
C:\Windows\System32\drivers\umbus.sys 8CB5D86BDB3890CFC4D94593935C2F4B
C:\Windows\System32\drivers\umpass.sys C4115675F53E9E853294C15131D5EBBC
C:\Windows\System32\drivers\usbccgp.sys 3F5BEB63C977549911EA48E193823E66
C:\Windows\System32\drivers\usbcir.sys 9D941A00FD49FBC8670EFE0B48F41994
C:\Windows\System32\drivers\usbehci.sys BC1961D7D967E02AA706E185F1AECC5F
C:\Windows\System32\drivers\usbhub.sys 0F317BCBB9F658B5B1EC51B77B13B52B
C:\Windows\System32\drivers\UsbHub3.sys A0A51CFBE5BDBB62662BD4979A324166
C:\Windows\System32\drivers\usbohci.sys 2489E643ED4A277F89535AA952ACBCE7
C:\Windows\System32\drivers\usbprint.sys F4FA8FC5577F5F603FD79663BD8F3005
C:\Windows\System32\drivers\USBSTOR.SYS CBDB5082EB3E55E29D3F842DFF7EBC44
C:\Windows\System32\drivers\usbuhci.sys 1BBDAFBF70A2D3356059D49FC0465377
C:\Windows\System32\Drivers\usbvideo.sys DCEF75D41DD4FE665FA2F41F901E67AF
C:\Windows\System32\drivers\USBXHCI.SYS 0CEA7C4EC8BAB5DEFC8F7198BEE03850
C:\Windows\System32\drivers\vdrvroot.sys 3D06B8D4A1ED1B91C8566DF7AC510AF2
C:\Windows\System32\drivers\VerifierExt.sys E0915FFD3BDFB98B723C46FEB8070B8A
C:\Windows\System32\drivers\vhdmp.sys 55C2A68BC2BC68AFE3C0401495BD860E
C:\Windows\System32\drivers\viaagp.sys 33CA244E0808BBD784EA6938605FED28
C:\Windows\System32\drivers\viac7.sys EBBBCBC27D7F391188CDF4196ED80D63
C:\Windows\System32\drivers\viaide.sys 75B08537DCF231A7B536ACE2ED8E8A35
C:\Windows\System32\drivers\vmbus.sys 744DBD744910FAB62EACD05F25471D61
C:\Windows\System32\drivers\VMBusHID.sys 1F02B273254268F975612210D8CB6859
C:\Windows\System32\drivers\volmgr.sys B78808F8D73F3FB54DFC4600BEAD3E84
C:\Windows\System32\drivers\volmgrx.sys 81F670ACFA8E844D94898F7B8E9B55B7
C:\Windows\System32\drivers\volsnap.sys 31A2AA48C1ECD390E2707E5C21B75DCE
C:\Windows\System32\drivers\vsmraid.sys 10B78A2D45B1330C162FDE8FEE78F315
C:\Windows\System32\drivers\vstxraid.sys 761B3F51660CD3D9F815E5C916235D0B
C:\Windows\System32\drivers\vwifibus.sys A74C7E7977CD39708AA1E1A374D12877
C:\Windows\system32\DRIVERS\vwififlt.sys 548D38A40EC4DFE578A88081F7F60926
C:\Windows\system32\DRIVERS\vwifimp.sys DAFCED9CBD13A790AF5DF4263DEF9169
C:\Windows\System32\drivers\wacompen.sys 67B211F7AB2D49C6403E7FD970421806
C:\Windows\system32\DRIVERS\wanarp.sys 4686214315127725738113C0B1779E0A
C:\Windows\system32\DRIVERS\wanarp.sys 4686214315127725738113C0B1779E0A
C:\Windows\System32\drivers\WdBoot.sys 2986A8079E201F95CBB86DE1A1DB6AEB
C:\Windows\System32\drivers\Wdf01000.sys C49F1B047C2080FC5AA662A769887631
C:\Windows\System32\drivers\WdFilter.sys 9868BD10886F8031CB25F2A57B3A3715
C:\Windows\System32\Drivers\WdNisDrv.sys 5CB73B803803FA48542E4E5AE380B01F
C:\Windows\System32\DRIVERS\wfplwfs.sys FB8E85DC666E4D484A4C0ABAA4DD73B5
C:\Windows\System32\drivers\wimmount.sys A4A63DD4E1B72B8C8189AD3F09914AF0
C:\Windows\system32\DRIVERS\WinUSB.sys 7683DEBE4329EF289BC2B1FC709ED629
C:\Windows\System32\drivers\wmiacpi.sys AF01C55490366930DFAF1D3655C763BD
C:\Windows\system32\Drivers\Wof.sys DB3F0877E5C225693A131AE82C262957
C:\Windows\System32\DRIVERS\wpcfltr.sys 7E7207FF951BDAA10781D758628EC1B9
C:\Windows\System32\drivers\WpdUpFltr.sys 6D8FA63A8C9765A853264D3977EECC19
C:\Windows\system32\drivers\ws2ifsl.sys 12BCBE7CA69586AF483C86255739793F
C:\Windows\System32\drivers\WudfPf.sys C0D25C818F1B4F559442E3BC92B18F8D
C:\Windows\System32\drivers\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\Windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758
C:\Windows\system32\DRIVERS\WUDFRd.sys 39C5340AE404C9B566D406B8DF5CE758

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-03 11:10 - 2018-01-03 11:51 - 000000000 ____D C:\EEK
2018-01-03 09:36 - 2018-01-03 11:07 - 309095184 _____ C:\Users\Earl\Desktop\EmsisoftEmergencyKit.exe
2018-01-03 07:29 - 2018-01-03 08:04 - 134356992 _____ C:\Users\Earl\Desktop\EmsisoftEmergencyKit.exe (1).crdownload
2018-01-03 07:15 - 2018-01-03 08:04 - 000108544 ___SH C:\Users\Earl\Desktop\Thumbs.db
2018-01-03 07:05 - 2018-01-03 07:05 - 000030330 _____ C:\ProgramData\agent.uninstall.1514934324.bdinstall.bin
2018-01-02 19:00 - 2018-01-02 19:00 - 000000000 ____D C:\ProgramData\Bitdefender
2018-01-02 18:58 - 2018-01-02 18:58 - 000000000 ____D C:\Users\Earl\AppData\Roaming\QuickScan
2018-01-02 18:55 - 2018-01-02 18:59 - 011091968 _____ C:\Users\Earl\Desktop\EmsisoftEmergencyKit.exe.crdownload
2018-01-02 17:22 - 2018-01-02 17:22 - 000047972 _____ C:\ProgramData\agent.1514884935.bdinstall.bin
2018-01-02 00:39 - 2018-01-02 00:39 - 000017551 _____ C:\Users\Earl\Desktop\MTB.txt
2017-12-29 09:59 - 2017-12-29 09:59 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-29 09:55 - 2017-12-29 09:55 - 001790024 _____ (Malwarebytes) C:\Users\Earl\Documents\jrt.exe
2017-12-29 09:21 - 2017-12-29 09:47 - 083316440 _____ (Malwarebytes ) C:\Users\Earl\Documents\mbam.exe
2017-12-29 04:23 - 2017-12-29 04:36 - 037693392 _____ (Tweaking.com) C:\Users\Earl\Desktop\tweaking.com_windows_repair_aio_setup.exe
2017-12-29 03:26 - 2017-12-29 03:27 - 000892416 _____ (Farbar) C:\Users\Earl\Desktop\goodin.exe
2017-12-29 00:22 - 2018-01-03 06:58 - 000000000 ____D C:\Program Files\SMADAV
2017-12-29 00:22 - 2017-12-29 20:06 - 000000000 ____D C:\Users\Earl\AppData\Roaming\Smadav
2017-12-29 00:22 - 2017-12-29 01:45 - 000000000 __SHD C:\[Smad-Cage]
2017-12-27 01:29 - 2017-12-27 01:29 - 008198432 _____ (Malwarebytes) C:\Users\Earl\Desktop\clean.exe
2017-12-23 20:40 - 2017-12-23 20:40 - 000001051 _____ C:\Users\Earl\Desktop\IMG_20171222_0003 - Shortcut.lnk
2017-12-21 01:21 - 2017-12-21 01:20 - 001142072 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2017-12-21 00:58 - 2017-12-21 01:21 - 000000000 ____D C:\ProgramData\AVAST Software
2017-12-17 08:00 - 2017-12-17 08:01 - 000001888 _____ C:\Users\Earl\Documents\cc_20171216_160056.reg
2017-12-14 08:59 - 2017-11-17 22:59 - 003454464 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-14 08:59 - 2017-11-14 09:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-14 08:59 - 2017-11-14 09:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-14 08:59 - 2017-11-14 08:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-14 08:59 - 2017-11-08 23:55 - 000025600 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-12-14 08:59 - 2017-11-08 04:46 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-14 08:59 - 2017-11-08 04:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-14 08:59 - 2017-11-08 04:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-14 08:59 - 2017-11-08 04:27 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-14 08:59 - 2017-11-08 04:22 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-12-14 08:59 - 2017-11-08 04:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-14 08:59 - 2017-11-08 04:12 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2017-12-14 08:59 - 2017-11-08 04:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-14 08:59 - 2017-11-08 04:02 - 000562176 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-12-14 08:59 - 2017-11-08 04:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-14 08:59 - 2017-11-08 03:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-14 08:59 - 2017-10-19 01:10 - 000128568 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-12-14 08:59 - 2017-10-14 14:21 - 001117184 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-12-14 08:59 - 2017-10-14 14:19 - 000780800 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-12-14 08:59 - 2017-10-14 14:11 - 003076608 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-12-14 08:59 - 2017-10-10 23:49 - 000953856 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2017-12-14 08:59 - 2017-10-10 23:42 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2017-12-14 08:59 - 2014-10-29 09:38 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 07:55 - 2018-01-03 07:15 - 000000000 ____D C:\Users\Earl\Desktop\archive
2017-12-13 07:54 - 2017-12-13 07:54 - 005144092 _____ C:\Users\Earl\Desktop\archive.zip
2017-12-06 00:37 - 2017-12-06 00:37 - 000000396 _____ C:\Users\Earl\Documents\browserPlugins.txt
2017-12-06 00:35 - 2017-12-06 00:35 - 000073744 _____ C:\Users\Earl\Documents\cc_20171205_083529.reg
2017-12-05 00:43 - 2017-12-05 00:43 - 000445654 _____ C:\Users\Earl\Desktop\photo.htm
2017-12-04 23:30 - 2017-11-21 04:32 - 000450720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-12-04 20:55 - 2017-12-04 20:55 - 000000000 ____D C:\ProgramData\SecuritySuite
2017-12-04 01:35 - 2017-12-04 01:35 - 000000000 ___HD C:\ProgramData\CanonBJ
2017-12-04 01:35 - 2012-03-14 21:00 - 000311296 _____ (CANON INC.) C:\Windows\system32\CNMLMA4.DLL
2017-12-02 06:16 - 2017-12-14 00:24 - 000000000 ____D C:\Users\Earl\AppData\LocalLow\Mozilla
2017-12-02 06:16 - 2017-12-02 06:19 - 000000000 ____D C:\Users\Earl\AppData\Local\Mozilla
2017-12-02 06:16 - 2017-12-02 06:16 - 000000000 ____D C:\Users\Earl\AppData\Roaming\Mozilla
2017-11-26 10:53 - 2018-01-03 11:53 - 000000000 ____D C:\FRST
2017-11-26 10:53 - 2017-11-26 10:53 - 000001104 _____ C:\Users\Earl\Desktop\FRST - Shortcut.lnk
2017-11-25 23:37 - 2017-12-04 06:08 - 001224704 _____ C:\Users\Earl\Desktop\ONE RAD.pmd
2017-11-17 13:18 - 2017-11-25 23:26 - 001323008 _____ C:\Users\Earl\Documents\santa at fridays.pmd
2017-11-17 12:40 - 2017-11-17 12:40 - 000001289 _____ C:\Users\Earl\Desktop\pics n other stuff.lnk
2017-11-17 12:35 - 2017-11-17 12:35 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 5.0.lnk
2017-11-17 12:35 - 2001-10-12 08:35 - 000020588 _____ (Adobe Systems Incorporated.) C:\Windows\system32\PdfPorts.dll
2017-11-17 12:35 - 2001-10-12 08:34 - 000077824 _____ C:\Windows\system32\adistres.dll
2017-11-17 12:34 - 2017-11-17 12:36 - 000000000 ____D C:\Windows\_ISTMP1.DIR
2017-11-17 12:34 - 2017-11-17 12:35 - 000000000 ____D C:\_ISTMP1.DIR
2017-11-17 12:34 - 2017-11-17 12:34 - 000000000 ____D C:\Users\Earl\Documents\My eBooks
2017-11-17 12:34 - 2017-11-17 12:34 - 000000000 ____D C:\Users\Earl\AppData\Roaming\InterTrust
2017-11-17 12:33 - 2017-11-17 12:33 - 000000000 __RSH C:\MSDOS.SYS
2017-11-17 12:33 - 2017-11-17 12:33 - 000000000 __RSH C:\IO.SYS
2017-11-17 12:33 - 2013-08-22 12:07 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\ntvdmd.dll
2017-11-17 12:33 - 2013-08-22 12:05 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\graftabl.com
2017-11-17 12:33 - 2013-08-22 12:04 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\win.com
2017-11-17 12:33 - 2013-08-22 12:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\vdmredir.dll
2017-11-17 12:33 - 2013-08-22 11:55 - 000536576 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000092320 _____ (Microsoft Corporation) C:\Windows\system32\krnl386.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000068992 _____ (Microsoft Corporation) C:\Windows\system32\MMSYSTEM.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000068992 _____ (Microsoft Corporation) C:\Windows\system\MMSYSTEM.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000050648 _____ C:\Windows\system32\COMMAND.COM
2017-11-17 12:33 - 2013-08-22 09:42 - 000047840 _____ (Microsoft Corporation) C:\Windows\system32\USER.EXE
2017-11-17 12:33 - 2013-08-22 09:42 - 000042809 _____ C:\Windows\system32\KEY01.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000042537 _____ C:\Windows\system32\KEYBOARD.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\DDEML.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000039274 _____ C:\Windows\system32\mem.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000035776 _____ C:\Windows\system32\NTIO411.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000035552 _____ C:\Windows\system32\NTIO412.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000034688 _____ C:\Windows\system32\NTIO804.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000034688 _____ C:\Windows\system32\NTIO404.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000033968 _____ C:\Windows\system32\NTIO.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000029370 _____ C:\Windows\system32\NTDOS411.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000029274 _____ C:\Windows\system32\NTDOS412.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000029146 _____ C:\Windows\system32\NTDOS804.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000029146 _____ C:\Windows\system32\NTDOS404.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000027866 _____ C:\Windows\system32\NTDOS.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000027097 _____ C:\Windows\system32\country.sys
2017-11-17 12:33 - 2013-08-22 09:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\GDI.EXE
2017-11-17 12:33 - 2013-08-22 09:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\OLESVR.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000024064 _____ (Microsoft Corporation) C:\Windows\system\OLESVR.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000020634 _____ C:\Windows\system32\debug.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000019694 _____ C:\Windows\system32\GRAPHICS.COM
2017-11-17 12:33 - 2013-08-22 09:42 - 000014710 _____ C:\Windows\system32\KB16.COM
2017-11-17 12:33 - 2013-08-22 09:42 - 000012704 _____ (Microsoft Corporation) C:\Windows\system32\WFWNET.DRV
2017-11-17 12:33 - 2013-08-22 09:42 - 000012704 _____ (Microsoft Corporation) C:\Windows\system\WFWNET.DRV
2017-11-17 12:33 - 2013-08-22 09:42 - 000012642 _____ C:\Windows\system32\edlin.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000012498 _____ C:\Windows\system32\append.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000011753 _____ C:\Windows\system32\setver.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000010544 _____ (Microsoft Corporation) C:\Windows\system32\COMM.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\WIFEMAN.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000009029 _____ C:\Windows\system32\ANSI.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000008424 _____ C:\Windows\system32\exe2bin.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000007052 _____ C:\Windows\system32\nlsfunc.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\WINNLS.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\SHELL.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\system\SHELL.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000004768 _____ C:\Windows\system32\HIMEM.SYS
2017-11-17 12:33 - 2013-08-22 09:42 - 000004048 _____ (Microsoft Corporation) C:\Windows\system32\TIMER.DRV
2017-11-17 12:33 - 2013-08-22 09:42 - 000004048 _____ (Microsoft Corporation) C:\Windows\system\TIMER.DRV
2017-11-17 12:33 - 2013-08-22 09:42 - 000003360 _____ (Microsoft Corporation) C:\Windows\system32\system.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000003360 _____ (Microsoft Corporation) C:\Windows\system\system.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000002864 _____ (Microsoft Corporation) C:\Windows\system32\WOWDEB.EXE
2017-11-17 12:33 - 2013-08-22 09:42 - 000002864 _____ (Microsoft Corporation) C:\Windows\system32\WINSOCK.DLL
2017-11-17 12:33 - 2013-08-22 09:42 - 000002842 _____ C:\Windows\system32\redir.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000002176 _____ (Microsoft Corporation) C:\Windows\system32\vga.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000002176 _____ (Microsoft Corporation) C:\Windows\system\vga.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000002112 _____ (Microsoft Corporation) C:\Windows\system32\WINSPOOL.EXE
2017-11-17 12:33 - 2013-08-22 09:42 - 000002080 _____ (Microsoft Corporation) C:\Windows\system32\WINOLDAP.MOD
2017-11-17 12:33 - 2013-08-22 09:42 - 000002032 _____ (Microsoft Corporation) C:\Windows\system32\mouse.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000002032 _____ (Microsoft Corporation) C:\Windows\system\mouse.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000001744 _____ (Microsoft Corporation) C:\Windows\system32\sound.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000001744 _____ (Microsoft Corporation) C:\Windows\system\sound.drv
2017-11-17 12:33 - 2013-08-22 09:42 - 000001152 _____ (Microsoft Corporation) C:\Windows\system32\mmtask.tsk
2017-11-17 12:33 - 2013-08-22 09:42 - 000001152 _____ (Microsoft Corporation) C:\Windows\system\mmtask.tsk
2017-11-17 12:33 - 2013-08-22 09:42 - 000001131 _____ C:\Windows\system32\LOADFIX.COM
2017-11-17 12:33 - 2013-08-22 09:42 - 000000882 _____ C:\Windows\system32\share.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000000882 _____ C:\Windows\system32\fastopen.exe
2017-11-17 12:33 - 2013-08-22 09:42 - 000000718 _____ C:\Windows\system32\mscdexnt.exe
2017-11-17 12:33 - 2013-08-22 09:41 - 000002000 _____ (Microsoft Corporation) C:\Windows\system32\keyboard.drv
2017-11-17 12:33 - 2013-08-22 09:41 - 000002000 _____ (Microsoft Corporation) C:\Windows\system\keyboard.drv
2017-11-17 12:33 - 2013-08-22 09:40 - 000028112 _____ (Microsoft Corporation) C:\Windows\system32\DRWATSON.EXE
2017-11-17 12:33 - 2013-08-22 09:40 - 000013888 _____ (Microsoft Corporation) C:\Windows\system32\TOOLHELP.DLL
2017-11-17 12:33 - 2013-08-22 09:38 - 000053600 _____ C:\Windows\system32\dosx.exe
2017-11-17 12:33 - 2013-08-22 09:35 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\COMMDLG.DLL
2017-11-17 12:33 - 2013-08-22 09:35 - 000032816 _____ (Microsoft Corporation) C:\Windows\system\COMMDLG.DLL
2017-11-17 12:33 - 2013-06-18 20:56 - 000256192 _____ (Microsoft Corporation) C:\Windows\winhelp.exe
2017-11-17 12:33 - 2013-06-18 20:56 - 000221600 _____ (Microsoft Corporation) C:\Windows\system32\lanman.drv
2017-11-17 12:33 - 2013-06-18 20:56 - 000177856 _____ (Microsoft Corporation) C:\Windows\system32\typelib.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000169520 _____ (Microsoft Corporation) C:\Windows\system32\ole2disp.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000153008 _____ (Microsoft Corporation) C:\Windows\system32\ole2nls.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000127213 _____ C:\Windows\system32\ega.cpi
2017-11-17 12:33 - 2013-06-18 20:56 - 000108464 _____ (Microsoft Corporation) C:\Windows\system32\netapi.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\olecli.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\system\olecli.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000069886 _____ C:\Windows\system32\edit.com
2017-11-17 12:33 - 2013-06-18 20:56 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\pmspl.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000042592 _____ (Microsoft Corporation) C:\Windows\system32\ole2.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000028420 _____ C:\Windows\system32\bios1.rom
2017-11-17 12:33 - 2013-06-18 20:56 - 000027792 _____ (Microsoft Corporation) C:\Windows\system32\compobj.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000027200 _____ (Microsoft Corporation) C:\Windows\system32\ctl3dv2.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000021232 _____ C:\Windows\system32\graphics.pro
2017-11-17 12:33 - 2013-06-18 20:56 - 000018896 _____ (Microsoft Corporation) C:\Windows\system32\sysedit.exe
2017-11-17 12:33 - 2013-06-18 20:56 - 000018832 _____ C:\Windows\system32\v7vga.rom
2017-11-17 12:33 - 2013-06-18 20:56 - 000013312 _____ C:\Windows\system32\win87em.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000010790 _____ C:\Windows\system32\EDIT.HLP
2017-11-17 12:33 - 2013-06-18 20:56 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\lzexpand.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000009936 _____ (Microsoft Corporation) C:\Windows\system\lzexpand.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000009008 _____ (Microsoft Corporation) C:\Windows\system32\ver.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000009008 _____ (Microsoft Corporation) C:\Windows\system\ver.dll
2017-11-17 12:33 - 2013-06-18 20:56 - 000008191 _____ C:\Windows\system32\bios4.rom
2017-11-17 12:33 - 2013-06-18 20:56 - 000005532 _____ (Microsoft Corporation) C:\Windows\system\stdole.tlb
2017-11-17 12:33 - 2013-06-18 20:56 - 000004208 _____ (Microsoft Corporation) C:\Windows\system32\storage.dll
2017-11-17 12:10 - 2017-11-17 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-11-17 12:09 - 2001-04-12 05:03 - 000565760 _____ (Microsoft Corporation) C:\Windows\system32\MSVCP50.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000401484 _____ (Microsoft Corporation) C:\Windows\system32\MSVCRTD.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000210944 _____ C:\Windows\system32\MSVCRT10.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000133904 _____ (Microsoft Corporation) C:\Windows\system32\MFCANS32.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000133392 _____ (Microsoft Corporation) C:\Windows\system32\MFCO30.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000094285 _____ (Microsoft Corporation) C:\Windows\system32\MSVCIRTD.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000033424 _____ (Microsoft Corporation) C:\Windows\system32\URLCACHE.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\W95FIBER.DLL
2017-11-17 12:09 - 2001-04-12 05:03 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\MFCUIA32.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000322832 _____ (Microsoft Corporation) C:\Windows\system32\MFC30.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000243712 _____ (Eastman Kodak Company) C:\Windows\KPCP32.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000212480 _____ (Eastman Kodak) C:\Windows\PCDLIB32.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000156672 _____ (Eastman Kodak Company) C:\Windows\sprof32.dll
2017-11-17 12:09 - 2001-04-12 05:02 - 000070144 _____ (Eastman Kodak Company) C:\Windows\KPFP32.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000058368 _____ (Eastman Kodak Company) C:\Windows\pfpick.dll
2017-11-17 12:09 - 2001-04-12 05:02 - 000053760 _____ (Eastman Kodak Company) C:\Windows\PTPICK32.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000048128 _____ (Eastman Kodak Company) C:\Windows\KPSYS32.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000042483 _____ C:\Windows\ICCCODES.DAT
2017-11-17 12:09 - 2001-04-12 05:02 - 000039095 _____ C:\Windows\Iccsigs.dat
2017-11-17 12:09 - 2001-04-12 05:02 - 000032792 _____ (Eastman Kodak Company) C:\Windows\SPWHPT.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000031744 _____ (Eastman Kodak Company) C:\Windows\KPSHARP.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000031232 _____ (Eastman Kodak Company) C:\Windows\KPSCALE.DLL
2017-11-17 12:09 - 2001-04-12 05:02 - 000020992 _____ (Eastman Kodak Company) C:\Windows\icccodes.dll
2017-11-17 12:09 - 2001-04-12 05:02 - 000000156 _____ C:\Windows\KPCMS.INI
2017-11-17 12:08 - 2017-11-17 12:35 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-11-17 12:08 - 2017-11-17 12:35 - 000000000 ____D C:\Program Files\Adobe
2017-11-17 12:08 - 2017-11-17 12:10 - 000000000 ____D C:\Windows\system32\Color
2017-11-17 12:08 - 2017-11-17 12:09 - 000000000 ____D C:\Kpcms
2017-11-17 12:03 - 1998-10-30 06:45 - 000306688 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2017-11-17 09:54 - 2017-10-11 15:31 - 000123048 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-17 09:54 - 2017-10-10 22:58 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-17 09:54 - 2017-10-10 21:16 - 001321472 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000541696 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000509440 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-17 09:54 - 2017-10-10 21:16 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-17 09:05 - 2017-09-09 00:50 - 002471424 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-11-17 09:04 - 2017-10-18 03:11 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-11-17 09:04 - 2017-10-17 02:33 - 001681232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-17 09:04 - 2017-10-14 20:59 - 001325400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-11-17 09:04 - 2017-10-14 14:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-17 09:04 - 2017-10-14 14:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-17 09:04 - 2017-10-14 14:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-17 09:04 - 2017-10-14 14:24 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-17 09:04 - 2017-10-14 14:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-17 09:04 - 2017-10-14 14:14 - 013317632 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-17 09:04 - 2017-10-10 23:47 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-17 09:04 - 2017-10-10 23:11 - 002749952 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-17 09:04 - 2017-10-10 23:08 - 000367104 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-11-17 09:04 - 2017-10-05 15:13 - 000319320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-11-17 09:04 - 2017-09-15 07:49 - 000736600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-11-17 09:04 - 2017-09-08 11:28 - 000507176 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-11-17 09:04 - 2017-09-08 03:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll
2017-11-17 09:04 - 2017-09-08 00:10 - 000513456 _____ C:\Windows\system32\locale.nls
2017-11-17 09:04 - 2017-09-07 21:40 - 000922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-17 09:04 - 2017-09-07 07:47 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2017-11-17 09:04 - 2017-09-07 07:03 - 000111448 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-17 09:04 - 2017-09-07 05:08 - 000377688 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-17 09:04 - 2017-08-11 09:30 - 002464256 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-11-17 09:04 - 2016-01-09 09:42 - 000075096 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-17 09:04 - 2015-10-11 14:39 - 000382808 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-17 09:04 - 2015-10-11 14:39 - 000023896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-17 09:04 - 2015-10-11 01:36 - 000026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-17 09:04 - 2015-10-11 01:36 - 000022016 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-15 09:22 - 2017-11-15 09:22 - 000000000 ____D C:\Users\Earl\AppData\Roaming\Google
2017-11-08 03:30 - 2017-11-13 04:34 - 000159528 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-11-08 03:30 - 2017-11-13 04:34 - 000000000 ____D C:\Program Files\MalwareFox AntiMalware
2017-11-08 03:30 - 2017-11-11 08:32 - 000051371 _____ C:\Windows\ZAM.krnl.trace
2017-11-08 03:30 - 2017-11-08 03:30 - 000000000 ____D C:\Users\Earl\AppData\Local\Wolf of Webstreet OPC Private Limited
2017-11-08 03:29 - 2017-11-08 03:29 - 000000000 ____D C:\Users\Earl\AppData\Local\Zemana
2017-11-08 03:00 - 2017-11-08 03:00 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2017-11-08 01:50 - 2017-11-08 01:55 - 000000000 ____D C:\EditPadLite7
2017-11-04 23:13 - 2017-11-04 23:13 - 000000000 ____D C:\Users\Earl\AppData\Local\CEF
2017-11-03 19:14 - 2017-12-29 22:36 - 000001066 _____ C:\Users\Public\Desktop\System Ninja.lnk
2017-11-03 13:00 - 2017-11-17 11:45 - 000000000 ____D C:\Windows\system32\Appraiser
2017-11-03 13:00 - 2017-11-03 13:00 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-11-03 10:43 - 2015-07-30 21:48 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-03 09:34 - 2017-04-22 05:53 - 000029376 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2017-11-03 09:34 - 2017-04-22 05:53 - 000018600 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2017-11-03 09:34 - 2017-04-12 02:27 - 000987840 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2017-11-03 09:34 - 2017-04-12 02:27 - 000485576 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2017-11-03 09:08 - 2017-12-15 19:49 - 000000000 ____D C:\Windows\system32\MRT
2017-11-03 09:07 - 2017-12-15 19:37 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-03 09:07 - 2017-12-15 19:37 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-03 08:33 - 2017-12-18 02:33 - 000000000 ____D C:\Program Files\CCleaner
2017-11-03 08:33 - 2017-12-06 00:32 - 000000983 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-03 08:33 - 2017-11-03 08:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-11-03 05:54 - 2017-11-03 05:54 - 000002290 _____ C:\Windows\system32\PARTIZAN.TXT
2017-11-02 22:13 - 2017-11-02 22:31 - 000000000 ____D C:\ProgramData\RegRun
2017-11-02 22:12 - 2013-08-22 14:13 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.old
2017-11-02 22:11 - 2017-11-03 08:38 - 000000000 ____D C:\Program Files\UnHackMe
2017-11-02 22:11 - 2017-11-03 06:19 - 000000000 ____D C:\Users\Earl\Documents\RegRun2
2017-11-02 22:11 - 2017-11-02 22:27 - 000000002 RSHOT C:\Windows\winstart.bat
2017-11-02 22:07 - 2018-01-03 11:29 - 000000000 ____D C:\ProgramData\Emsisoft
2017-11-02 22:02 - 2017-11-02 22:03 - 000000241 _____ C:\DelFix.txt
2017-11-02 22:02 - 2017-11-02 22:02 - 000000000 ____D C:\Windows\ERUNT
2017-11-02 21:57 - 2018-01-03 07:12 - 000000000 ____D C:\AdwCleaner
2017-11-02 21:54 - 2017-11-02 22:01 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-02 10:16 - 2017-11-02 10:16 - 000000787 _____ C:\Users\Earl\Desktop\old folder - Shortcut.lnk
2017-11-02 10:06 - 2018-01-03 11:53 - 000000000 ____D C:\Users\Earl\Desktop\FRST-OlderVersion
2017-11-02 08:17 - 2017-11-02 08:17 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2017-11-02 07:37 - 2018-01-03 07:12 - 000000000 ____D C:\Program Files\System Ninja
2017-11-02 07:37 - 2017-12-29 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Ninja
2017-11-02 07:36 - 2017-11-02 07:37 - 002338610 _____ (SingularLabs ) C:\Users\Earl\Downloads\ninja-setup-3.1.3_.exe
2017-11-02 05:14 - 2017-12-17 19:17 - 000002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-02 05:14 - 2017-12-17 19:17 - 000002151 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-02 05:13 - 2017-12-20 10:37 - 000000000 ____D C:\Users\Earl\AppData\Local\Google
2017-11-02 05:13 - 2017-11-02 05:13 - 000000000 ____D C:\Program Files\Google
2017-11-02 05:12 - 2017-11-02 05:13 - 000000000 ____D C:\Users\Earl\AppData\Local\Deployment
2017-11-02 05:12 - 2017-11-02 05:12 - 000000000 ____D C:\Users\Earl\AppData\Local\Apps\2.0
2017-11-02 04:59 - 2016-06-21 22:12 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-11-02 04:59 - 2016-05-15 04:01 - 000320720 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-11-02 04:59 - 2016-05-14 05:35 - 000286208 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-11-02 04:59 - 2016-05-14 05:26 - 000631808 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-11-02 04:59 - 2016-01-11 01:31 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2017-11-02 04:59 - 2016-01-11 01:14 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2017-11-02 04:59 - 2016-01-11 00:51 - 000702976 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-11-02 04:59 - 2016-01-11 00:49 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-11-02 04:59 - 2016-01-11 00:40 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 002528784 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 002447136 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 002324744 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 001484888 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 001115640 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 001037680 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000914672 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000700360 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 000584656 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 000492736 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000463776 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000275312 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000274280 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000229272 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000184912 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000183856 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000110544 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 000099136 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-11-02 04:59 - 2015-12-05 13:58 - 000081032 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-11-02 04:59 - 2015-12-05 13:58 - 000076936 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-11-02 04:59 - 2015-12-04 01:28 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-11-02 04:59 - 2015-12-04 01:28 - 000245760 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-11-02 04:59 - 2015-12-04 01:27 - 000736256 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-11-02 04:59 - 2015-12-04 01:24 - 001411584 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-11-02 04:59 - 2015-12-04 01:23 - 000402432 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-11-02 04:59 - 2015-12-04 01:01 - 000743936 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-11-02 04:59 - 2015-12-04 00:29 - 000887296 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-11-02 04:59 - 2015-11-05 16:21 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-11-02 04:59 - 2015-08-01 11:45 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2017-11-02 04:59 - 2015-08-01 11:38 - 001015808 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2017-11-02 04:59 - 2015-08-01 11:37 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2017-11-02 04:59 - 2015-07-22 22:25 - 001546752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-11-02 04:59 - 2015-07-19 02:29 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2017-11-02 04:59 - 2015-07-19 02:27 - 000520192 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2017-11-02 04:59 - 2015-07-02 05:37 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2017-11-02 04:59 - 2015-07-02 05:35 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2017-11-02 04:59 - 2015-03-13 10:18 - 000200000 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-11-02 04:59 - 2015-03-13 10:18 - 000131904 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-11-02 04:59 - 2014-12-09 11:42 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-11-02 04:59 - 2014-10-29 11:10 - 000013976 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-11-02 04:59 - 2014-10-29 11:07 - 000019096 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-11-02 04:59 - 2014-10-29 10:02 - 000064512 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-11-02 04:59 - 2014-10-29 10:01 - 000203776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-11-02 04:59 - 2014-10-29 09:58 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-11-02 04:59 - 2014-10-29 09:51 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2017-11-02 04:59 - 2014-10-29 09:50 - 000028672 ____C (Microsoft Corporation) C:\Windows\system32\MsApoFxProxy.dll
2017-11-02 04:59 - 2014-10-29 09:02 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2017-11-02 04:59 - 2014-09-04 08:00 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2017-11-02 04:58 - 2016-08-11 23:52 - 001119232 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2017-11-02 04:58 - 2016-08-11 23:48 - 000572928 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2017-11-02 04:58 - 2016-08-11 23:47 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2017-11-02 04:58 - 2016-05-13 01:43 - 000115704 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2017-11-02 04:58 - 2016-05-12 23:43 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2017-11-02 04:58 - 2016-05-12 23:37 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2017-11-02 04:58 - 2016-05-12 23:32 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2017-11-02 04:58 - 2016-05-06 23:23 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-11-02 04:58 - 2015-10-14 00:24 - 000462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-11-02 04:58 - 2015-09-25 00:22 - 000592896 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-11-02 04:58 - 2015-09-03 10:17 - 001903848 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-11-02 04:58 - 2015-07-11 00:53 - 000909824 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2017-11-02 04:58 - 2015-04-25 10:33 - 000549888 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-11-02 04:58 - 2015-02-06 09:08 - 001943040 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-11-02 04:58 - 2015-01-31 07:20 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2017-11-02 04:58 - 2014-12-12 09:34 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-11-02 04:58 - 2014-12-12 08:46 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2017-11-02 04:58 - 2014-12-09 11:45 - 000393728 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2017-11-02 04:58 - 2014-12-06 10:36 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2017-11-02 04:58 - 2014-12-06 09:28 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2017-11-02 04:58 - 2014-11-01 07:47 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-11-02 04:58 - 2014-10-29 09:38 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\Wwanpref.dll
2017-11-02 04:58 - 2014-10-29 09:35 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\BdeUISrv.exe
2017-11-02 04:58 - 2014-10-29 09:03 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2017-11-02 04:58 - 2014-10-29 09:02 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2017-11-02 04:58 - 2014-10-29 09:01 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2017-11-02 04:58 - 2014-10-29 08:57 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-11-02 04:58 - 2014-10-29 08:56 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2017-11-02 04:58 - 2014-10-23 13:05 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2017-11-02 04:58 - 2014-09-04 08:11 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\WofTasks.dll
2017-11-02 04:58 - 2014-08-31 04:53 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2017-11-02 04:58 - 2014-08-31 04:17 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-11-02 04:58 - 2014-08-23 15:13 - 002084520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-11-02 04:58 - 2014-08-23 12:47 - 002151936 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2017-11-02 04:58 - 2014-08-23 12:02 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2017-11-02 04:57 - 2016-08-13 06:19 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-11-02 04:57 - 2016-04-11 14:25 - 000058712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2017-11-02 04:57 - 2016-04-10 05:50 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-11-02 04:57 - 2016-03-04 00:11 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-11-02 04:57 - 2016-02-05 01:02 - 000483328 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-11-02 04:57 - 2015-07-31 00:22 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-11-02 04:57 - 2015-07-11 01:14 - 000856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2017-11-02 04:57 - 2015-07-11 00:31 - 006213120 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-11-02 04:57 - 2015-03-24 05:45 - 000257216 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-11-02 04:57 - 2015-03-20 10:41 - 000369152 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-11-02 04:57 - 2015-03-20 10:16 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-11-02 04:57 - 2015-01-28 09:11 - 000357376 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-11-02 04:57 - 2014-10-29 09:58 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-11-02 04:57 - 2014-10-29 09:57 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2017-11-02 04:57 - 2014-10-29 09:43 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2017-11-02 04:57 - 2014-10-29 09:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-11-02 04:57 - 2014-10-29 09:05 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2017-11-02 04:57 - 2014-10-29 09:04 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-11-02 04:57 - 2014-10-29 09:04 - 000038400 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-11-02 04:57 - 2014-08-16 11:16 - 001205976 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2017-11-02 04:57 - 2014-08-16 08:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2017-11-02 04:57 - 2014-08-16 08:35 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2017-11-02 04:57 - 2014-08-16 08:30 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-11-02 04:57 - 2014-08-16 08:29 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2017-11-02 04:57 - 2014-08-16 08:23 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-11-02 04:57 - 2014-08-16 08:21 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2017-11-02 04:57 - 2014-08-16 08:19 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-11-02 04:57 - 2014-08-16 08:15 - 000586752 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2017-11-02 04:57 - 2014-08-16 08:14 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2017-11-02 04:57 - 2014-08-16 08:13 - 005902848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-11-02 04:57 - 2014-08-16 08:13 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2017-11-02 04:57 - 2014-08-16 08:11 - 003985408 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2017-11-02 04:57 - 2014-08-16 08:07 - 000756224 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2017-11-02 04:57 - 2014-08-16 08:05 - 000877056 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2017-11-02 04:56 - 2016-03-31 13:25 - 000851712 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-11-02 04:56 - 2016-02-07 01:20 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2017-11-02 04:56 - 2016-02-06 03:07 - 000243032 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2017-11-02 04:56 - 2016-02-01 02:37 - 000120672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2017-11-02 04:56 - 2015-12-02 23:01 - 000561664 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-11-02 04:56 - 2015-11-22 00:49 - 001344000 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2017-11-02 04:56 - 2015-11-22 00:40 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2017-11-02 04:56 - 2015-07-10 00:30 - 000212992 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2017-11-02 04:56 - 2015-07-10 00:30 - 000212992 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2017-11-02 04:56 - 2015-04-09 06:59 - 000333624 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-11-02 04:56 - 2015-03-13 10:37 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2017-11-02 04:56 - 2015-03-04 10:19 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2017-11-02 04:56 - 2014-10-29 10:00 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-02 04:56 - 2014-10-29 10:00 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-02 04:56 - 2014-10-29 09:51 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2017-11-02 04:56 - 2014-10-29 09:32 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-02 04:56 - 2014-10-13 10:47 - 000036160 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2017-11-02 04:56 - 2014-05-19 13:33 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\drvcfg.exe
2017-11-02 04:56 - 2014-05-19 13:23 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2017-11-02 04:55 - 2017-09-15 03:24 - 005761880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-11-02 04:55 - 2017-09-15 03:24 - 001472056 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-11-02 04:55 - 2017-09-14 09:14 - 001124384 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-11-02 04:55 - 2017-09-13 21:27 - 000376320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-11-02 04:55 - 2017-09-10 01:55 - 019790760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-11-02 04:55 - 2017-09-09 23:21 - 012879360 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-11-02 04:55 - 2017-09-09 12:17 - 001119736 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-11-02 04:55 - 2017-09-08 03:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-02 04:55 - 2017-09-08 02:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-02 04:55 - 2017-09-08 02:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-02 04:55 - 2017-09-08 02:24 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-11-02 04:55 - 2017-09-08 02:17 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-11-02 04:55 - 2017-08-18 06:03 - 000450392 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-11-02 04:55 - 2017-08-18 06:03 - 000136832 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-11-02 04:55 - 2017-08-13 23:52 - 005274624 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-11-02 04:55 - 2017-08-13 23:36 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-11-02 04:55 - 2017-08-13 23:18 - 005270016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-11-02 04:55 - 2017-08-11 09:57 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-11-02 04:55 - 2017-08-06 15:13 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-11-02 04:55 - 2017-07-09 02:31 - 000278880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-11-02 04:55 - 2017-07-08 11:12 - 000076120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2017-11-02 04:55 - 2017-07-08 11:11 - 001294928 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2017-11-02 04:55 - 2017-07-08 11:11 - 001181280 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2017-11-02 04:55 - 2017-06-15 22:16 - 001920000 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-02 04:55 - 2017-06-14 01:23 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-11-02 04:55 - 2017-06-14 01:11 - 000238080 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-11-02 04:55 - 2017-06-14 01:07 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-11-02 04:55 - 2017-06-14 01:05 - 001326080 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-11-02 04:55 - 2017-06-12 06:51 - 000240480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-11-02 04:55 - 2017-06-12 04:02 - 000299520 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2017-11-02 04:55 - 2017-06-09 21:47 - 000448629 _____ C:\Windows\system32\ApnDatabase.xml
2017-11-02 04:55 - 2017-06-08 09:41 - 001845080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-11-02 04:55 - 2017-06-07 03:08 - 002712576 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-11-02 04:55 - 2017-06-04 00:03 - 001549312 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-11-02 04:55 - 2017-06-02 18:25 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-02 04:55 - 2017-06-02 18:24 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-02 04:55 - 2017-06-02 18:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-02 04:55 - 2017-06-02 17:43 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-02 04:55 - 2017-06-01 05:17 - 000332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-11-02 04:55 - 2017-05-28 00:11 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2017-11-02 04:55 - 2017-05-27 23:49 - 000946176 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-11-02 04:55 - 2017-05-16 06:06 - 000048472 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2017-11-02 04:55 - 2017-05-13 00:13 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-11-02 04:55 - 2017-05-13 00:10 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-11-02 04:55 - 2017-05-12 23:51 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-11-02 04:55 - 2017-05-12 23:50 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-11-02 04:55 - 2017-05-12 23:48 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-11-02 04:55 - 2017-05-12 23:48 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-11-02 04:55 - 2017-05-12 23:47 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-11-02 04:55 - 2017-05-12 23:43 - 002174464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-11-02 04:55 - 2017-05-09 22:35 - 000555520 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2017-11-02 04:55 - 2017-04-16 17:05 - 000888896 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-11-02 04:55 - 2017-04-10 04:35 - 000319328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-11-02 04:55 - 2017-04-07 00:15 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-11-02 04:55 - 2017-04-07 00:08 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-11-02 04:55 - 2017-04-02 22:21 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-11-02 04:55 - 2017-04-01 05:59 - 001612504 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-11-02 04:55 - 2017-03-14 00:07 - 002170880 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-11-02 04:55 - 2017-03-11 11:56 - 001489608 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2017-11-02 04:55 - 2017-03-05 00:35 - 002976256 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-11-02 04:55 - 2017-02-12 00:42 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2017-11-02 04:55 - 2017-02-10 22:37 - 000038920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2017-11-02 04:55 - 2017-02-05 02:29 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2017-11-02 04:55 - 2017-02-01 22:58 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-11-02 04:55 - 2017-02-01 22:58 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-11-02 04:55 - 2017-01-22 03:36 - 000482904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-11-02 04:55 - 2017-01-19 10:21 - 000870224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-11-02 04:55 - 2017-01-15 03:18 - 000787688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-11-02 04:55 - 2017-01-13 00:55 - 000231256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2017-11-02 04:55 - 2017-01-13 00:55 - 000085336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2017-11-02 04:55 - 2017-01-12 01:31 - 000369496 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2017-11-02 04:55 - 2017-01-11 04:21 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2017-11-02 04:55 - 2017-01-11 03:20 - 000696832 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-11-02 04:55 - 2017-01-07 01:04 - 001495552 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2017-11-02 04:55 - 2016-12-25 08:19 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-11-02 04:55 - 2016-11-20 04:14 - 000130624 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-11-02 04:55 - 2016-11-11 10:36 - 001403304 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-11-02 04:55 - 2016-11-06 01:11 - 003606528 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2017-11-02 04:55 - 2016-10-10 07:03 - 000410968 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-11-02 04:55 - 2016-10-05 22:00 - 000868864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2017-11-02 04:55 - 2016-09-30 21:39 - 001185792 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-11-02 04:55 - 2016-08-28 00:11 - 001049600 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2017-11-02 04:55 - 2016-07-31 00:36 - 002537472 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2017-11-02 04:55 - 2016-07-24 02:12 - 000954880 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-11-02 04:55 - 2016-07-08 04:34 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2017-11-02 04:55 - 2016-07-04 12:11 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-11-02 04:55 - 2016-06-11 11:44 - 000091416 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2017-11-02 04:55 - 2016-02-05 23:08 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2017-11-02 04:55 - 2016-02-05 23:07 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2017-11-02 04:55 - 2016-02-01 02:37 - 000108896 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2017-11-02 04:55 - 2016-02-01 01:32 - 000089600 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-11-02 04:55 - 2015-11-21 01:30 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-11-02 04:55 - 2015-10-22 23:58 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2017-11-02 04:55 - 2015-09-11 00:17 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-02 04:55 - 2015-07-22 22:15 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-11-02 04:55 - 2015-06-27 10:14 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-11-02 04:55 - 2015-03-14 09:11 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-11-02 04:55 - 2014-12-09 03:46 - 000485544 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2017-11-02 04:55 - 2014-11-11 01:47 - 000286528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-11-02 04:55 - 2014-10-31 11:24 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-02 04:55 - 2014-10-31 10:48 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-02 04:55 - 2014-10-29 11:05 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-11-02 04:55 - 2014-10-29 10:04 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-11-02 04:55 - 2014-10-29 10:01 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-11-02 04:55 - 2014-10-29 09:42 - 000325120 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2017-11-02 04:55 - 2014-10-29 09:20 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-02 04:55 - 2014-10-29 09:02 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2017-11-02 04:55 - 2014-10-29 08:46 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-02 04:55 - 2014-10-29 08:45 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-02 04:55 - 2014-10-29 08:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-02 04:54 - 2017-09-13 21:27 - 000384000 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-11-02 04:54 - 2017-09-10 00:38 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2017-11-02 04:54 - 2017-09-09 21:13 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2017-11-02 04:54 - 2017-09-09 21:13 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2017-11-02 04:54 - 2017-09-09 01:39 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-02 04:54 - 2017-09-08 03:22 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-11-02 04:54 - 2017-09-08 03:22 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-11-02 04:54 - 2017-09-08 03:21 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-11-02 04:54 - 2017-09-08 03:21 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-11-02 04:54 - 2017-09-08 02:38 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-11-02 04:54 - 2017-08-20 00:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-11-02 04:54 - 2017-08-14 01:52 - 000174944 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-11-02 04:54 - 2017-08-14 00:40 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-11-02 04:54 - 2017-08-14 00:33 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-11-02 04:54 - 2017-08-12 04:34 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-11-02 04:54 - 2017-08-11 10:46 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-11-02 04:54 - 2017-08-11 09:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-11-02 04:54 - 2017-08-11 09:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-11-02 04:54 - 2017-08-11 09:37 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-11-02 04:54 - 2017-08-11 09:37 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-11-02 04:54 - 2017-08-06 15:12 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-11-02 04:54 - 2017-08-01 17:23 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-11-02 04:54 - 2017-08-01 16:25 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-11-02 04:54 - 2017-07-23 01:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2017-11-02 04:54 - 2017-07-21 21:40 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2017-11-02 04:54 - 2017-07-21 21:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2017-11-02 04:54 - 2017-07-17 07:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-11-02 04:54 - 2017-07-15 02:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-11-02 04:54 - 2017-07-13 04:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2017-11-02 04:54 - 2017-07-13 04:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-11-02 04:54 - 2017-07-09 01:30 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-11-02 04:54 - 2017-07-09 01:16 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-11-02 04:54 - 2017-07-09 01:07 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-11-02 04:54 - 2017-07-08 11:47 - 000310616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-11-02 04:54 - 2017-07-08 11:15 - 000083800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-11-02 04:54 - 2017-07-08 11:11 - 001404952 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-11-02 04:54 - 2017-07-08 11:11 - 001280440 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-11-02 04:54 - 2017-07-06 15:50 - 000095744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-11-02 04:54 - 2017-07-01 21:47 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000272896 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2017-11-02 04:54 - 2017-07-01 21:47 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2017-11-02 04:54 - 2017-06-25 00:16 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2017-11-02 04:54 - 2017-06-14 01:16 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2017-11-02 04:54 - 2017-06-14 01:14 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\ProximityService.dll
2017-11-02 04:54 - 2017-06-12 05:25 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-11-02 04:54 - 2017-06-12 05:07 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-11-02 04:54 - 2017-06-12 04:58 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-11-02 04:54 - 2017-06-12 04:40 - 001323008 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-11-02 04:54 - 2017-06-12 04:02 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2017-11-02 04:54 - 2017-06-07 03:03 - 000837632 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-11-02 04:54 - 2017-06-07 02:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\cnvfat.dll
2017-11-02 04:54 - 2017-06-07 02:57 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\uudf.dll
2017-11-02 04:54 - 2017-06-07 02:03 - 000143360 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2017-11-02 04:54 - 2017-06-07 02:02 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-11-02 04:54 - 2017-06-07 02:02 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2017-11-02 04:54 - 2017-06-07 02:02 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\ufat.dll
2017-11-02 04:54 - 2017-06-07 02:02 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\uexfat.dll
2017-11-02 04:54 - 2017-06-02 18:19 - 000900096 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-11-02 04:54 - 2017-05-16 02:41 - 000098656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-11-02 04:54 - 2017-05-15 03:04 - 000315224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-02 04:54 - 2017-05-13 01:05 - 000035840 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-02 04:54 - 2017-05-11 02:16 - 000083288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-11-02 04:54 - 2017-05-09 22:29 - 000162816 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2017-11-02 04:54 - 2017-05-09 22:29 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2017-11-02 04:54 - 2017-05-09 22:29 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
2017-11-02 04:54 - 2017-05-03 01:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2017-11-02 04:54 - 2017-05-03 01:30 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2017-11-02 04:54 - 2017-04-28 09:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-11-02 04:54 - 2017-04-28 08:49 - 000080078 _____ C:\Windows\system32\normidna.nls
2017-11-02 04:54 - 2017-04-16 17:07 - 001566032 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-11-02 04:54 - 2017-04-16 17:07 - 001213792 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-11-02 04:54 - 2017-04-16 17:07 - 000548032 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2017-11-02 04:54 - 2017-04-16 17:05 - 000612096 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-11-02 04:54 - 2017-04-16 15:47 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-02 04:54 - 2017-04-16 15:29 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-02 04:54 - 2017-04-16 15:02 - 000267776 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2017-11-02 04:54 - 2017-04-16 14:58 - 000644608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-11-02 04:54 - 2017-04-07 00:32 - 000590336 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2017-11-02 04:54 - 2017-04-06 23:39 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2017-11-02 04:54 - 2017-03-14 00:13 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2017-11-02 04:54 - 2017-03-14 00:06 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2017-11-02 04:54 - 2017-03-10 03:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-11-02 04:54 - 2017-03-05 02:15 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-11-02 04:54 - 2017-03-03 23:06 - 001501184 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-11-02 04:54 - 2017-03-03 23:04 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-11-02 04:54 - 2017-02-05 01:19 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-11-02 04:54 - 2017-02-05 01:17 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-11-02 04:54 - 2017-02-05 01:16 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-11-02 04:54 - 2017-02-05 01:05 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-11-02 04:54 - 2017-01-22 02:40 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-11-02 04:54 - 2017-01-22 02:40 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-11-02 04:54 - 2017-01-15 01:17 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-11-02 04:54 - 2017-01-11 03:09 - 001108480 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-11-02 04:54 - 2016-12-25 08:25 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2017-11-02 04:54 - 2016-12-25 07:58 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-11-02 04:54 - 2016-12-25 07:13 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-11-02 04:54 - 2016-11-13 03:38 - 000613632 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2017-11-02 04:54 - 2016-10-12 04:21 - 000399776 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2017-11-02 04:54 - 2016-10-12 00:55 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2017-11-02 04:54 - 2016-10-11 05:17 - 000333656 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-11-02 04:54 - 2016-10-11 02:22 - 000069976 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-11-02 04:54 - 2016-10-09 22:15 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2017-11-02 04:54 - 2016-10-09 22:08 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2017-11-02 04:54 - 2016-10-09 05:49 - 002410496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2017-11-02 04:54 - 2016-10-09 05:21 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2017-11-02 04:54 - 2016-10-05 12:15 - 000245320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-11-02 04:54 - 2016-10-05 04:21 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2017-11-02 04:54 - 2016-10-05 04:08 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2017-11-02 04:54 - 2016-09-18 01:21 - 000089600 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2017-11-02 04:54 - 2016-09-13 05:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-11-02 04:54 - 2016-09-09 22:02 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2017-11-02 04:54 - 2016-09-08 21:59 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2017-11-02 04:54 - 2016-09-04 01:21 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2017-11-02 04:54 - 2016-09-04 01:10 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2017-11-02 04:54 - 2016-09-03 23:58 - 000397824 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-11-02 04:54 - 2016-09-02 22:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-11-02 04:54 - 2016-09-01 22:30 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2017-11-02 04:54 - 2016-08-30 22:05 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-11-02 04:54 - 2016-08-30 10:18 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2017-11-02 04:54 - 2016-08-30 10:03 - 000721920 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2017-11-02 04:54 - 2016-08-26 03:40 - 000678400 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2017-11-02 04:54 - 2016-08-13 06:19 - 009323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-02 04:54 - 2016-08-13 06:17 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2017-11-02 04:54 - 2016-08-13 06:16 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2017-11-02 04:54 - 2016-08-13 06:16 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-11-02 04:54 - 2016-08-13 05:17 - 000207872 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2017-11-02 04:54 - 2016-08-12 09:58 - 001946176 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2017-11-02 04:54 - 2016-08-12 01:12 - 000082432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2017-11-02 04:54 - 2016-08-12 01:12 - 000077824 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2017-11-02 04:54 - 2016-08-12 01:12 - 000017408 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2017-11-02 04:54 - 2016-08-12 01:12 - 000008704 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\parvdm.sys
2017-11-02 04:54 - 2016-08-12 00:22 - 001318400 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2017-11-02 04:54 - 2016-08-03 23:36 - 001102848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2017-11-02 04:54 - 2016-08-03 23:33 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-11-02 04:54 - 2016-07-26 21:39 - 000162850 _____ C:\Windows\system32\C_932.NLS
2017-11-02 04:54 - 2016-07-08 22:17 - 000319488 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2017-11-02 04:54 - 2016-07-08 04:18 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-11-02 04:54 - 2016-07-08 04:11 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2017-11-02 04:54 - 2016-07-08 03:35 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2017-11-02 04:54 - 2016-07-08 03:23 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2017-11-02 04:54 - 2016-07-08 03:22 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-11-02 04:54 - 2016-07-08 03:14 - 000628736 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-11-02 04:54 - 2016-06-26 01:15 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-11-02 04:54 - 2016-06-26 00:47 - 000367104 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-11-02 04:54 - 2016-06-26 00:03 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2017-11-02 04:54 - 2016-05-19 05:15 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2017-11-02 04:54 - 2016-05-06 00:37 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2017-11-02 04:54 - 2016-04-07 01:49 - 000120384 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-11-02 04:54 - 2016-03-12 08:47 - 000121912 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2017-11-02 04:54 - 2016-02-09 04:29 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2017-11-02 04:54 - 2016-02-03 01:19 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2017-11-02 04:54 - 2016-02-03 00:46 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2017-11-02 04:54 - 2015-11-10 08:04 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-02 04:54 - 2015-08-22 21:42 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-02 04:54 - 2015-07-17 03:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-02 04:54 - 2015-06-27 11:08 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-11-02 04:54 - 2015-06-16 04:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-02 04:54 - 2015-05-23 11:04 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-02 04:54 - 2015-02-03 07:53 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2017-11-02 04:54 - 2014-10-31 11:28 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2017-11-02 04:54 - 2014-10-31 11:28 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2017-11-02 04:54 - 2014-10-31 11:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2017-11-02 04:54 - 2014-10-31 11:26 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2017-11-02 04:54 - 2014-10-31 11:25 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2017-11-02 04:54 - 2014-10-31 11:24 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2017-11-02 04:54 - 2014-10-31 11:23 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-02 04:54 - 2014-10-31 11:16 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-02 04:54 - 2014-10-31 11:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-02 04:54 - 2014-10-31 11:14 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2017-11-02 04:54 - 2014-10-31 11:12 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-02 04:54 - 2014-10-31 11:03 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2017-11-02 04:54 - 2014-10-31 10:57 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-02 04:54 - 2014-10-31 10:56 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-02 04:54 - 2014-10-31 10:56 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2017-11-02 04:54 - 2014-10-31 10:53 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2017-11-02 04:54 - 2014-10-31 10:24 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2017-11-02 04:54 - 2014-10-29 11:10 - 000022848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2017-11-02 04:54 - 2014-10-29 11:05 - 000026304 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-11-02 04:54 - 2014-10-29 11:05 - 000020120 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-11-02 04:54 - 2014-10-29 10:04 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-02 04:54 - 2014-10-29 10:00 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-02 04:54 - 2014-10-29 10:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\idndl.dll
2017-11-02 04:54 - 2014-10-29 10:00 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-02 04:54 - 2014-10-29 10:00 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\normaliz.dll
2017-11-02 04:54 - 2014-10-29 09:58 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmiv2.dll
2017-11-02 04:54 - 2014-10-29 09:58 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2017-11-02 04:54 - 2014-10-29 09:58 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-11-02 04:54 - 2014-10-29 09:58 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\convert.exe
2017-11-02 04:54 - 2014-10-29 09:58 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iscsied.dll
2017-11-02 04:54 - 2014-10-29 09:58 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-11-02 04:54 - 2014-10-29 09:57 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-11-02 04:54 - 2014-10-29 09:57 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-11-02 04:54 - 2014-10-29 09:56 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\sccls.dll
2017-11-02 04:54 - 2014-10-29 09:54 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2017-11-02 04:54 - 2014-10-29 09:52 - 000289280 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2017-11-02 04:54 - 2014-10-29 09:52 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-11-02 04:54 - 2014-10-29 09:50 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-11-02 04:54 - 2014-10-29 09:49 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2017-11-02 04:54 - 2014-10-29 09:48 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2017-11-02 04:54 - 2014-10-29 09:46 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
2017-11-02 04:54 - 2014-10-29 09:45 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-11-02 04:54 - 2014-10-29 09:43 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-02 04:54 - 2014-10-29 09:39 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2017-11-02 04:54 - 2014-10-29 09:38 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-11-02 04:54 - 2014-10-29 09:37 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2017-11-02 04:54 - 2014-10-29 09:35 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-11-02 04:54 - 2014-10-29 09:28 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2017-11-02 04:54 - 2014-10-29 09:26 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-02 04:54 - 2014-10-29 09:20 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
2017-11-02 04:54 - 2014-10-29 09:15 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2017-11-02 04:54 - 2014-10-29 09:14 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2017-11-02 04:54 - 2014-10-29 09:06 - 000021504 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-11-02 04:54 - 2014-10-29 09:05 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wmsgapi.dll
2017-11-02 04:54 - 2014-10-29 09:05 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2017-11-02 04:54 - 2014-10-29 09:04 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\NetEvtFwdr.exe
2017-11-02 04:54 - 2014-10-29 09:04 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\smphost.dll
2017-11-02 04:54 - 2014-10-29 09:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\delegatorprovider.dll
2017-11-02 04:54 - 2014-10-29 09:00 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi_passthru.dll
2017-11-02 04:54 - 2014-10-29 08:59 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-11-02 04:54 - 2014-10-18 14:29 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2017-11-02 04:54 - 2014-02-06 18:20 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-02 04:54 - 2014-02-06 18:19 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-02 04:53 - 2016-08-23 00:09 - 000136872 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-11-02 04:53 - 2016-08-23 00:09 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-11-02 04:53 - 2016-05-17 05:16 - 000148824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-11-02 04:53 - 2016-05-17 05:13 - 000340872 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-11-02 04:53 - 2015-12-29 04:31 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2017-11-02 04:53 - 2015-05-31 03:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-11-02 04:53 - 2015-05-31 03:24 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-11-02 04:53 - 2014-12-09 03:46 - 000108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2017-11-02 04:53 - 2014-12-09 03:42 - 000372408 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-11-02 04:53 - 2014-12-09 03:42 - 000033584 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-11-02 04:53 - 2014-11-11 01:47 - 000069440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2017-11-02 04:53 - 2014-10-29 11:12 - 000413136 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-11-02 04:53 - 2014-10-29 11:07 - 000424544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-11-02 04:53 - 2014-10-29 11:07 - 000370424 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-11-02 04:53 - 2014-10-29 11:07 - 000344536 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-11-02 04:53 - 2014-10-29 11:07 - 000213336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-11-02 04:53 - 2014-10-29 11:05 - 000035616 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-11-02 04:53 - 2014-10-29 10:06 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-11-02 04:53 - 2014-10-29 10:03 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-11-02 04:53 - 2014-10-12 16:58 - 000047424 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2017-11-02 04:45 - 2017-11-02 04:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-11-02 04:45 - 2006-10-27 10:56 - 000032592 _____ (Microsoft Corporation) C:\Windows\system32\msonpmon.dll
2017-11-02 04:44 - 2017-11-02 04:44 - 000000000 ____D C:\Program Files\Microsoft Works
2017-11-02 04:43 - 2017-11-02 04:43 - 000000000 ____D C:\Windows\PCHEALTH
2017-11-02 04:43 - 2017-11-02 04:43 - 000000000 ____D C:\Program Files\Microsoft Visual Studio
2017-11-02 04:43 - 2017-11-02 04:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-11-02 04:41 - 2017-11-02 04:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2017-11-02 04:41 - 2017-11-02 04:41 - 000000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-11-02 04:40 - 2017-11-02 04:40 - 000000000 __RHD C:\MSOCache
2017-11-02 04:40 - 2017-11-02 04:40 - 000000000 ____D C:\Users\Earl\AppData\Local\Microsoft Help
2017-11-02 04:02 - 2017-11-02 04:02 - 000000000 __SHD C:\Users\Earl\AppData\LocalLow\EmieUserList
2017-11-02 04:02 - 2017-11-02 04:02 - 000000000 __SHD C:\Users\Earl\AppData\LocalLow\EmieSiteList
2017-11-02 04:02 - 2017-11-02 04:02 - 000000000 __SHD C:\Users\Earl\AppData\Local\EmieUserList
2017-11-02 04:02 - 2017-11-02 04:02 - 000000000 __SHD C:\Users\Earl\AppData\Local\EmieSiteList
2017-11-02 03:36 - 2018-01-03 07:15 - 000000000 ____D C:\Users\Earl\Desktop\pics crosses etc
2017-11-02 03:36 - 2017-12-31 10:21 - 000000000 ____D C:\Users\Earl\Documents\page stuff
2017-11-02 03:36 - 2017-12-05 11:50 - 000000000 ____D C:\Users\Earl\Desktop\Page Maker
2017-11-02 03:36 - 2017-10-26 15:18 - 000037376 _____ C:\Users\Earl\Documents\eva air.pmd
2017-11-02 03:36 - 2017-10-16 15:56 - 001146880 _____ C:\Users\Earl\Documents\TRAN S FER.pmd
2017-11-02 03:36 - 2017-10-15 16:52 - 000165376 _____ C:\Users\Earl\Documents\TSIKO WARD.pmd
2017-11-02 03:36 - 2017-10-15 15:10 - 000184832 _____ C:\Users\Earl\Documents\8 up wide.pmd
2017-11-02 03:36 - 2017-10-15 09:03 - 008936448 _____ C:\Users\Earl\Documents\family portrait.pmd
2017-11-02 03:36 - 2017-10-14 17:44 - 002426368 _____ C:\Users\Earl\Documents\H CLOCK N STICKER.pmd
2017-11-02 03:36 - 2017-10-14 08:42 - 005934080 _____ C:\Users\Earl\Documents\GOOD HUGGOS.pmd
2017-11-02 03:36 - 2017-10-12 02:06 - 002483200 _____ C:\Users\Earl\Documents\santa x mas letter.pmd
2017-11-02 03:36 - 2017-10-10 16:14 - 001297408 _____ C:\Users\Earl\Documents\LADYS NITE.pmd
2017-11-02 03:36 - 2017-10-08 08:33 - 000000000 ___HD C:\Users\Earl\Documents\.tmp.drivedownload
2017-11-02 03:36 - 2017-10-03 06:37 - 000001044 _____ C:\Users\Earl\Documents\note pad.txt
2017-11-02 03:36 - 2017-10-01 12:55 - 000199680 _____ C:\Users\Earl\Documents\WARRIORS LONG.pmd
2017-11-02 03:36 - 2017-09-28 04:06 - 000188928 _____ C:\Users\Earl\Documents\COMFORTER.pmd
2017-11-02 03:36 - 2017-09-27 00:13 - 000297472 _____ C:\Users\Earl\Documents\fridays card.pmd
2017-11-02 03:36 - 2017-09-13 07:11 - 000289792 _____ C:\Users\Earl\Documents\santa earl card.pmd
2017-11-02 03:36 - 2017-09-10 08:48 - 000052700 _____ C:\Users\Earl\Documents\cc_20170910_084759.reg
2017-11-02 03:36 - 2017-09-02 09:01 - 000151552 _____ C:\Users\Earl\Documents\throw away ticket.pmd
2017-11-02 03:36 - 2017-09-02 08:36 - 000238080 _____ C:\Users\Earl\Documents\QUOTE JOHN WOODEN.pmd
2017-11-02 03:36 - 2017-04-17 14:03 - 000130560 _____ C:\Users\Earl\Documents\circle uke hole.pmd
2017-11-02 03:36 - 2017-04-08 10:50 - 000084992 _____ C:\Users\Earl\Documents\geezers.pmd
2017-11-02 03:36 - 2017-04-08 09:52 - 000105472 _____ C:\Users\Earl\Documents\PHIL FLAG.pmd
2017-11-02 03:36 - 2017-03-31 12:29 - 000177664 _____ C:\Users\Earl\Documents\hog kong paua sheets.pmd
2017-11-02 03:36 - 2017-03-30 01:01 - 000082944 _____ C:\Users\Earl\Documents\DIABETES DRUG.pmd
2017-11-02 03:36 - 2016-11-24 10:03 - 000174080 _____ C:\Users\Earl\Documents\New PageMaker 7.0 Publication.pmd
2017-11-02 03:36 - 2016-11-23 11:11 - 001227776 _____ C:\Users\Earl\Documents\zarks.pmd
2017-11-02 03:34 - 2017-12-18 02:33 - 000000000 ____D C:\Users\Earl\Desktop\old folder
2017-11-02 03:34 - 2017-11-02 03:34 - 000000000 ____D C:\Users\Earl\Desktop\Acrobat Reader 5.0.5
2017-11-02 03:34 - 2017-10-03 18:27 - 000001084 _____ C:\Users\Earl\Desktop\x mas pins etc..lnk
2017-11-02 03:34 - 2017-09-28 04:03 - 000000917 _____ C:\Users\Earl\Desktop\page stuff.lnk
2017-11-02 02:35 - 2017-11-02 05:07 - 000000000 ____D C:\ProgramData\ASUS
2017-11-02 02:20 - 2017-11-02 02:20 - 000000000 ____D C:\Users\Earl\AppData\Roaming\WebStorage
2017-11-02 02:16 - 2017-11-02 02:16 - 000000000 ____D C:\Users\Earl\AppData\Roaming\Macromedia
2017-11-02 02:14 - 2018-01-03 08:04 - 000000093 _____ C:\Users\Earl\AppData\Roaming\sp_data.sys
2017-11-02 02:14 - 2017-12-04 02:29 - 000000000 ____D C:\Users\Earl\AppData\Local\VirtualStore
2017-11-02 02:14 - 2017-11-17 12:35 - 000000000 ____D C:\Users\Earl\AppData\Roaming\Adobe
2017-11-02 02:14 - 2017-11-09 20:29 - 000000000 ____D C:\Users\Earl
2017-11-02 02:14 - 2017-11-05 21:44 - 000000000 ____D C:\Users\Earl\AppData\Local\Packages
2017-11-02 02:14 - 2017-11-02 02:14 - 000001448 _____ C:\Users\Earl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-11-02 02:14 - 2017-11-02 02:14 - 000000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-02 02:14 - 2017-11-02 02:14 - 000000020 ___SH C:\Users\Earl\ntuser.ini
2017-11-02 02:14 - 2017-11-02 02:14 - 000000000 __SHD C:\Users\Earl\IntelGraphicsProfiles
2017-11-02 02:14 - 2014-03-18 15:39 - 000000369 _____ C:\Users\Earl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-11-02 02:14 - 2014-03-18 15:39 - 000000369 _____ C:\Users\Earl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-11-02 02:13 - 2017-11-02 02:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-02 02:13 - 2017-11-02 02:13 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-03 08:11 - 2014-03-18 15:40 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-03 08:11 - 2013-08-22 14:21 - 000000000 ____D C:\Windows\inf
2018-01-03 08:04 - 2013-08-22 15:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-03 08:04 - 2013-08-22 14:13 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-01-03 04:12 - 2013-08-22 16:17 - 000000000 ____D C:\Windows\system32\NDF
2018-01-03 04:04 - 2013-08-22 16:17 - 000000000 ____D C:\Windows\LiveKernelReports
2018-01-02 19:00 - 2013-08-22 14:13 - 000262144 ___SH C:\Windows\system32\config\ELAM
2017-12-29 08:36 - 2013-08-22 16:05 - 000000000 ____D C:\Windows\CbsTemp
2017-12-21 23:49 - 2013-08-22 16:17 - 000000000 ____D C:\Windows\rescache
2017-12-06 00:45 - 2015-04-25 02:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-12-05 14:19 - 2013-08-22 16:17 - 000000000 ____D C:\Windows\AppReadiness
2017-12-05 00:23 - 2013-08-22 16:18 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-12-05 00:23 - 2013-08-22 16:18 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-12-04 22:19 - 2015-04-25 03:04 - 000000000 ____D C:\ProgramData\McAfee
2017-12-04 22:10 - 2013-08-22 16:17 - 000000000 ___HD C:\Windows\ELAMBKUP

==================== Files in the root of some directories =======

2017-11-02 02:14 - 2018-01-03 08:04 - 000000093 _____ () C:\Users\Earl\AppData\Roaming\sp_data.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{60fef016-2ea4-11e7-8ef9-806e6f6e6963}
{0649a3f5-eab9-11e4-9018-de49a8259186}
{0649a3f6-eab9-11e4-9018-de49a8259186}
{0649a3f7-eab9-11e4-9018-de49a8259186}
timeout 1

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {1f33132e-bf37-11e7-95ff-838180f36784}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Firmware Application (101fffff)
-------------------------------
identifier {0649a3f5-eab9-11e4-9018-de49a8259186}
description UEFI:CD/DVD Drive
isolatedcontext Yes

Firmware Application (101fffff)
-------------------------------
identifier {0649a3f6-eab9-11e4-9018-de49a8259186}
description UEFI:Removable Device
isolatedcontext Yes

Firmware Application (101fffff)
-------------------------------
identifier {0649a3f7-eab9-11e4-9018-de49a8259186}
description UEFI:Network Device
isolatedcontext Yes

Firmware Application (101fffff)
-------------------------------
identifier {60fef016-2ea4-11e7-8ef9-806e6f6e6963}
device partition=\Device\HarddiskVolume1
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
isolatedcontext Yes

Windows Boot Loader
-------------------
identifier {0649a3fb-eab9-11e4-9018-de49a8259186}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0649a3fc-eab9-11e4-9018-de49a8259186}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
isolatedcontext Yes
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{0649a3fc-eab9-11e4-9018-de49a8259186}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {0649a3fd-eab9-11e4-9018-de49a8259186}
device ramdisk=[\Device\HarddiskVolume4]\sources\boot.wim,{ramdiskoptions}
path \windows\system32\boot\winload.efi
description WinPE
isolatedcontext Yes
osdevice ramdisk=[\Device\HarddiskVolume4]\sources\boot.wim,{ramdiskoptions}
systemroot \windows
nx OptIn
detecthal Yes
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.efi
description Windows 8.1
locale en-US
inherit {bootloadersettings}
recoverysequence {0649a3fb-eab9-11e4-9018-de49a8259186}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {1f33132e-bf37-11e7-95ff-838180f36784}
nx OptIn
bootmenupolicy Standard
detecthal Yes

Resume from Hibernate
---------------------
identifier {1f33132e-bf37-11e7-95ff-838180f36784}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {0649a3fb-eab9-11e4-9018-de49a8259186}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {0649a3fc-eab9-11e4-9018-de49a8259186}
description Windows Recovery
isolatedcontext Yes
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

Setup Ramdisk Options
---------------------
identifier {ramdiskoptions}
description Ramdisk options
isolatedcontext Yes
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \boot\boot.sdi


LastRegBack: 2017-12-30 01:14

==================== End of FRST.txt ===========

#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,965 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 AM

Posted 03 January 2018 - 08:25 AM

Hi,

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer\DisallowRun: [1] Mshta.exe
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer\DisallowRun: [2] powershell.exe
HKU\S-1-5-21-3686689766-4104429596-1712315094-1001\...\Policies\Explorer\DisallowRun: [3] bitsadmin.exe
SearchScopes: HKLM -> DefaultScope value is missing
CHR Extension: (Flash Video Downloader) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2017-11-15]
CHR Extension: (Poppit!) - C:\Users\Earl\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2017-11-15]
CHR HKLM\...\Chrome\Extension: [pmagdleikobihfikldcpmgfjcppcddnf] - hxxps://clients2.google.com/service/update2/crx
U0 msahci; system32\drivers\msahci.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.

Please let me know what problem persists with this computer.

p.s.

Please post the Fixlog.txt and include the Addition.txt log that was created by the Farbar program.

#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,965 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:43 AM

Posted 09 January 2018 - 08:40 AM

Hi,

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users