Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

dad allowed remote access, to scammer


  • This topic is locked This topic is locked
8 replies to this topic

#1 pylestone

pylestone

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:45 AM

Posted 25 January 2018 - 05:52 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018
Ran by dennis (administrator) on BIGSUE (25-01-2018 17:08:31)
Running from F:\
Loaded Profiles: dennis (Available Profiles: dennis & Administrator)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyScn\Brother\BrStMonScn.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyScn\ScannerStatusMonitorService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-11-13] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [393200 2017-10-20] ()
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrScnStsMon00] => C:\Program Files (x86)\BrownyScn\Brother\BrStMonScn.exe [3048448 2013-05-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1976040 2018-01-03] (TomTom)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [Chromium] => c:\users\dennis\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [GoogleChromeAutoLaunch_F8949DE433A06B1B9BDA2A0B22EC3E7D] => C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{7d1215bc-4196-430b-8211-f9ca0151e59e}: [DhcpNameServer] 192.168.2.1 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{c4ffbd94-3490-4c1e-85d8-bd4498976c59}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_coinisre_17_06_ssg01&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtC0FtCzyyB0Dzy0E0FyCtN0D0Tzu0StCzzyCyEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0DzztC0AtDyDtDtGyByE0CtDtG0DtB0E0BtGyCyDzyzytGyD0DyEtAtC0AtAyD0EtByDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtA0EtAyCyCyCtGtCyBtD0DtGyE0DtD0FtGzy0ByEzytG0B0C0ByDyCzztByD0EyDyDzy2QtN0A0LzuyE%26cr%3D1311317759%26a%3Dwnf_coinisre_17_06_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {1B460A68-29B0-489F-893D-15C01F601B98} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {1B460A68-29B0-489F-893D-15C01F601B98} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_851a73ac8455b40bf3&param1=ArFaIWJoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVU9ISoUvmk9JaYWwVNdImIWvmo4JqYVvmpdIGYTvFM9GqYVNUI3wGYGwVM3vmk3vmo9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI4ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVvFQ9JmoUvFNdIWYYNVI9I6IWvFI3vmoUwVxdJCIWvmk3vCISwVM4JmoWNVM9I6IXNVRdICIWwVQ4JaYWvmo9JmIWvFM4JqQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVA9J6IYNVE9JCoWvFM4J6ISwVM4JmIVNVI9I6oUNVI9IWYTwVw3vGYXvFE3vCISNVRdJaYXvFI4J6k3wVQ4IWYUvFI4ISk4NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGJaLWVaMGF6QGR7BHFaISopzU0aCaV6CaZ4C78kBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D&param2=NqZbLGt7MGN%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_851a73ac8455b40bf3&param1=ArFaIWJoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVU9ISoUvmk9JaYWwVNdImIWvmo4JqYVvmpdIGYTvFM9GqYVNUI3wGYGwVM3vmk3vmo9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI4ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVvFQ9JmoUvFNdIWYYNVI9I6IWvFI3vmoUwVxdJCIWvmk3vCISwVM4JmoWNVM9I6IXNVRdICIWwVQ4JaYWvmo9JmIWvFM4JqQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVA9J6IYNVE9JCoWvFM4J6ISwVM4JmIVNVI9I6oUNVI9IWYTwVw3vGYXvFE3vCISNVRdJaYXvFI4J6k3wVQ4IWYUvFI4ISk4NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGJaLWVaMGF6QGR7BHFaISopzU0aCaV6CaZ4C78kBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D&param2=NqZbLGt7MGN%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {1B460A68-29B0-489F-893D-15C01F601B98} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_coinisre_17_06_ssg01&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtC0FtCzyyB0Dzy0E0FyCtN0D0Tzu0StCzzyCyEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0DzztC0AtDyDtDtGyByE0CtDtG0DtB0E0BtGyCyDzyzytGyD0DyEtAtC0AtAyD0EtByDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtA0EtAyCyCyCtGtCyBtD0DtGyE0DtD0FtGzy0ByEzytG0B0C0ByDyCzztByD0EyDyDzy2QtN0A0LzuyE%26cr%3D1311317759%26a%3Dwnf_coinisre_17_06_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR NewTab: Default ->  Active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/dynamicNewTab.html", Not-active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/stubby.html"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default [2017-10-19]
CHR Extension: (Slides) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Docs) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2016-01-25]
CHR Extension: (YouTube) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-25]
CHR Extension: (Google Search) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-25]
CHR Extension: (Sheets) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-06]
CHR Extension: (Norton Identity Safe) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-01-25]
CHR Extension: (EasyPDFCombine) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2017-10-19]
CHR Extension: (Search Manager) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-19]
CHR Extension: (Gmail) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-25]
CHR Extension: (Chrome Media Router) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-19]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-25] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-25] (CyberLink)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-11-13] (Realtek Semiconductor)
R3 ScannerStatusMonitorService; C:\Program Files (x86)\BrownyScn\ScannerStatusMonitorService.exe [276992 2013-05-08] (Brother Industries, Ltd.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S1 MpKsl2a2ccae3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsl2a2ccae3.sys [58120 2018-01-18] () [File not signed]
R1 MpKsle39c5e55; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsle39c5e55.sys [58120 2018-01-24] (Microsoft Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
========================== Drivers MD5 =======================
C:\WINDOWS\System32\drivers\1394ohci.sys 08312DEEF0D3F8647AA53AD90A69094E
C:\WINDOWS\System32\drivers\3ware.sys 645009E711BBF117CCEE917A03FB0CDD
C:\WINDOWS\system32\DRIVERS\Accelerometer.sys B8712F335FAC6605A23B161B0653FA2E
C:\WINDOWS\System32\drivers\ACPI.sys 69481E5474C7E61CDB3FE6A8A0F3B1B4
C:\WINDOWS\System32\drivers\AcpiDev.sys 44EA35A4B397898A83BF1B9B4B8DAE35
C:\WINDOWS\System32\Drivers\acpiex.sys 91D113A1532B8AB1E25B7DE5AB3C2F83
C:\WINDOWS\System32\drivers\acpipagr.sys 620BB2682BA625DF037072D89F44F6EE
C:\WINDOWS\System32\drivers\acpipmi.sys B9805A3C479390CEAEA5AEF5E4A90A2E
C:\WINDOWS\System32\drivers\acpitime.sys ABD4EB55C661143B015BD0B9B47B235C
C:\WINDOWS\System32\drivers\ADP80XX.SYS 8C58BD711FAD5F11E8CFDBC5CED973A5
C:\WINDOWS\system32\drivers\afd.sys 7AE4EBDC221235BF9E1008B515C0B8DB
C:\WINDOWS\System32\DRIVERS\ahcache.sys 56166D110D3ECFFC595E5FA02D9BA491
C:\WINDOWS\System32\drivers\amdk8.sys 62619E31AFF88F906A7E793AC4A9FF51
C:\WINDOWS\System32\drivers\amdppm.sys 735142DD039BEB35632765C41FC6E397
C:\WINDOWS\System32\drivers\amdsata.sys F1C16AABA27E9E153AEC7BD2AB853F30
C:\WINDOWS\System32\drivers\amdsbs.sys C834D0F1ECB8473E9E6D18EE1BCEECB2
C:\WINDOWS\System32\drivers\amdxata.sys 49203D2FFE30CBB36BE66A0E70F3D954
C:\WINDOWS\System32\drivers\appid.sys 3692C75C47285D388C886D162F54C430
C:\WINDOWS\System32\drivers\applockerfltr.sys 1E085E2302D568F0CE041732B3E887B0
C:\WINDOWS\System32\drivers\arcsas.sys B42C83DE28776B80DBA1310C56DD4F74
C:\WINDOWS\System32\drivers\asyncmac.sys C2151380227CD1F7DDA2401C1F151367
C:\WINDOWS\System32\drivers\atapi.sys 6191B9B2EE0E8CB957C683B9B341CC86
C:\WINDOWS\System32\drivers\bxvbda.sys A921805C1ED3253DF48FCA4D724173EB
C:\WINDOWS\System32\drivers\bam.sys 763CF81762483E244BAEB83DEFFC53F3
C:\WINDOWS\System32\drivers\BasicDisplay.sys 2A7267AA15E508F6D05A5B562F1FD1CE
C:\WINDOWS\System32\drivers\BasicRender.sys 2E1EE0F10FAF1250D1AC05BFB0E6BD3D
C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7
C:\Windows\System32\Drivers\Beep.sys EDDAA3A563E7EB71C991FE91249C7D81
C:\WINDOWS\System32\DRIVERS\bowser.sys D030A1203680D66716F4E74053468627
C:\WINDOWS\system32\DRIVERS\BrSerIb.sys 63A00CDBEB300522C49EC7CA77324060
C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys BBCFD6C6EF66449F55AF1BFDB08C9B12
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys A4863B7B1F0DB513D6E34547BACC211A
C:\WINDOWS\System32\drivers\bthhfenum.sys 9C9EE272C11252C651C5DE6A1AC1EDAA
C:\WINDOWS\System32\drivers\BthHFHid.sys 69734E386826ED857C889330F35B4D9C
C:\WINDOWS\System32\drivers\bthmodem.sys A94AFAEA86F5F792BB4ECA095B231464
C:\WINDOWS\System32\drivers\bttflt.sys 39E7437FC59CDD7A303ABD514E462E8B
C:\WINDOWS\System32\drivers\buttonconverter.sys 522888590B0C19BC8128119060AE7901
C:\WINDOWS\System32\drivers\CAD.sys 2AB01CE5E233A6FBA3E91BD57772AA4B
C:\WINDOWS\System32\drivers\capimg.sys F6F97879F53AD57194C6BC8272FD73EA
C:\WINDOWS\System32\DRIVERS\cdfs.sys 9E82A95D77AC78C84BA75FF896B060BF
C:\WINDOWS\System32\drivers\cdrom.sys 6D83565C1652E80447EDEA6947FA89D7
C:\WINDOWS\System32\drivers\cht4sx64.sys D81954CE5E016FD716EDDB2B2FD9BA58
C:\WINDOWS\System32\drivers\cht4vx64.sys F9A8570805807FFD66488F0A858E1308
C:\WINDOWS\System32\drivers\circlass.sys 9798D58461706930190F1F2F6BF21D80
C:\WINDOWS\System32\drivers\cldflt.sys 3B5973C9D50DE90CEB6D7DC85216AA86
C:\WINDOWS\System32\drivers\CLFS.sys 59D46CE57A49353A733D162DBA65A4FA
C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 3E76A1547F2448BCEE3D2F4AE3931AB5
C:\WINDOWS\system32\DRIVERS\clwvd.sys 39F71BF21E7F8EBE9B4810BC95EE26D6
C:\WINDOWS\System32\drivers\CmBatt.sys 2BA3BA38B5A6A667B0EAEC477276707B
C:\WINDOWS\System32\Drivers\cng.sys B3CC988A9D8B8EC66ED2B7B7B3413652
C:\WINDOWS\System32\DRIVERS\cnghwassist.sys C65AF00EF12A1755E7CA370B0C71935D
C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys A50300498D56B2448F3593D25478D508
C:\WINDOWS\System32\drivers\condrv.sys 65602B0DB49199647FECB2D1212147BE
C:\WINDOWS\System32\drivers\dam.sys 72BE43ABD786E86AAE7EA2193201E100
C:\WINDOWS\System32\Drivers\dfsc.sys 9910E9CFF5ECDCB225F82E72CE9DE459
C:\WINDOWS\System32\drivers\disk.sys 811173C821171BB910219E53C7FD97AD
C:\WINDOWS\System32\drivers\dmvsc.sys 569FE16775E15A49DC904DE20BF8CAA0
C:\WINDOWS\System32\drivers\drmkaud.sys F4800922F4ABA619585CE320A72E6389
C:\WINDOWS\System32\drivers\dxgkrnl.sys 0DF6B436F579E1DD23C8EBD61EE749E8
C:\WINDOWS\System32\drivers\evbda.sys C99D40C97841E0A7F0F90B8629593A97
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 93EA893A8C2C561648A559E48C723412
C:\WINDOWS\System32\drivers\EhStorClass.sys 260BBD6B1ED06298E509B452354EDB91
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys F3BEBDC1B9DBA32F183079EAE6244837
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 8400C9E33B68C556BF63AEF490EB145C
C:\WINDOWS\System32\drivers\errdev.sys 1B63CA857FD03FD0A5A1379F2996784F
C:\Windows\System32\Drivers\exfat.sys F1ACA42D448E3986565EA54275EEEA65
C:\Windows\System32\Drivers\fastfat.sys 0AF4B36754A6EAE794EE4398E219A9E1
C:\WINDOWS\System32\drivers\fdc.sys 7CD8426A33F06EB72BFEC51F7C264AF8
C:\WINDOWS\System32\drivers\filecrypt.sys DE51BBBCF358188F9736F031546F9908
C:\WINDOWS\System32\drivers\fileinfo.sys 822F664952B0F8D11BB6BD2F11779602
C:\WINDOWS\System32\drivers\filetrace.sys 5A4935682A0D47A4EAC4BE3C2ACF74D6
C:\WINDOWS\System32\drivers\flpydisk.sys 60641F22D1D38EAD197C25F0339C9712
C:\WINDOWS\System32\drivers\fltmgr.sys 56F9EAA7099159759B2F6C523007A13F
C:\WINDOWS\System32\drivers\FsDepends.sys 5D8A0E58E3F82583697E3F07052435AA
C:\Windows\System32\Drivers\Fs_Rec.sys BB82CC2F51F7C3D5DCD13FA3B040D8F8
C:\WINDOWS\System32\DRIVERS\fvevol.sys 69C669540A850553AF9589DB05A2A7D0
C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\WINDOWS\System32\drivers\vmgencounter.sys 3B5DDF1061930A0A891FA63DB0CB878B
C:\WINDOWS\System32\drivers\genericusbfn.sys 8B34E3F794F652082D7E8AF112F71681
C:\WINDOWS\System32\Drivers\msgpioclx.sys 127C23F4720C8902A3AB0FEE12205317
C:\WINDOWS\System32\drivers\gpuenergydrv.sys C7DEA3458E50B691E69EFF0B47CBCCDB
C:\WINDOWS\System32\drivers\HDAudBus.sys 99A34FD1F6431A10D8C3BB50E170D0F2
C:\WINDOWS\System32\drivers\HidBatt.sys 2443FC6EEB9CF092B62127D867901B02
C:\WINDOWS\System32\drivers\hidbth.sys 205043CDC16ADE85E252DD54AE925161
C:\WINDOWS\System32\drivers\hidi2c.sys B521DDDC9038C066B1B957BF063A531A
C:\WINDOWS\System32\drivers\hidinterrupt.sys 5AC0EBFA76E93273A806176D3178E986
C:\WINDOWS\System32\drivers\hidir.sys 366AC0E05EBF5D5C375F65CD8BC7F0DF
C:\WINDOWS\System32\drivers\hidusb.sys 7CB54D02746024648FCE184FC3F941FF
C:\WINDOWS\System32\DRIVERS\hpdskflt.sys 38ED231A9E3176E1E0272BF5AD4860E8
C:\WINDOWS\System32\drivers\HpSAMD.sys 835FB95D85D362057A72D21A48C2C7F8
C:\WINDOWS\System32\drivers\HTTP.sys 717D6E92D0143BCC4C36976BFFD94753
C:\WINDOWS\System32\drivers\hvservice.sys 9F2CFC90306532866C62BDCDFD2532AA
C:\WINDOWS\System32\Drivers\mshwnclx.sys 3737FE486929AFC48F1D10677B698E52
C:\WINDOWS\System32\drivers\hwpolicy.sys 3C65EBF7F1BFD98426C355D66876ECEE
C:\WINDOWS\System32\drivers\hyperkbd.sys 7E00234C67A322988AFEA717D5609C9E
C:\WINDOWS\System32\drivers\HyperVideo.sys FBF5BB641DE99AE1DF4835E88D4F8993
C:\WINDOWS\System32\drivers\i8042prt.sys 56FF074E50F9042FD2856AB3418F4B18
C:\WINDOWS\System32\drivers\iagpio.sys B5EC43755E62591197DE5CBBDAA9FEB7
C:\WINDOWS\System32\drivers\iai2c.sys D8CA23F9C5FEF44296FDE1E005C06EC0
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 7B769C9D19C013F94874C4B15D59A005
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys E0F1B3A2A70FABE3BE1C9140BB55E607
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 89A869BCC0588A3009ECB875B09ECD39
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 2E693DF3C02A0859DB8DE25772751100
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
C:\WINDOWS\System32\drivers\iaStorA.sys 0A34D806EF2767E62CAFEA1A150A8830
C:\WINDOWS\System32\drivers\iaStorAV.sys 435883A27A376B125BD4DF888417C85F
C:\WINDOWS\System32\drivers\iaStorV.sys 7118E4390C4ACDE61E280CE52BCAF44E
C:\WINDOWS\System32\drivers\ibbus.sys 9DBE8C359ABACE1BE1BBAB687D114506
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 32F5DCDDC3D4DF6DDA96CD29C8FC51A4
C:\WINDOWS\System32\drivers\IndirectKmd.sys 42CAF6216A6E516DC56BA319ACC7EEC5
C:\WINDOWS\system32\drivers\intelaud.sys 5950F69F9B345952F3C2275C39EA393B
C:\WINDOWS\system32\drivers\RTKVHD64.sys 09BA0096C574C5600B6A7A8D7049A7E4
C:\WINDOWS\system32\DRIVERS\IntcDAud.sys E300D1E37B737ED14F7A08CD5604E5D9
C:\WINDOWS\System32\drivers\intelide.sys 40943C1CD031ACE06A8374AD56B9E5EA
C:\WINDOWS\System32\drivers\intelpep.sys 327D9CCF5492543AEF3979F9EEAD02BE
C:\WINDOWS\System32\drivers\intelppm.sys 10F2757836F41BFAEA2AE19F6FE869B2
C:\WINDOWS\System32\drivers\invdimm.sys 8387E90B551B9B7F32EDC69909591E9E
C:\WINDOWS\System32\drivers\iorate.sys E207078E0E1BB3524277DB9077E4148E
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FD8F64B7B345E539F2EA7F72846F83B4
C:\WINDOWS\System32\drivers\IPMIDrv.sys 8AAB863E72A4F9C578FED2EE3541545B
C:\WINDOWS\System32\drivers\ipnat.sys 7BEC2AF23F586EFF0DB4DBF4331B0C70
C:\WINDOWS\System32\drivers\ipt.sys 35A54F19E703D4FE5919F812F6CC5D0A
C:\WINDOWS\system32\drivers\irda.sys 359CDDBC825959DA28FA886B3C271B53
C:\WINDOWS\System32\drivers\irenum.sys F88664A2A82DDA456180FFF95A771765
C:\WINDOWS\System32\drivers\isapnp.sys 2296B158C43C306B0AC5B4D57EA9F0E1
C:\WINDOWS\System32\drivers\msiscsi.sys 2DC0765992CFECE3B13F3BFD20E69DCC
C:\WINDOWS\System32\drivers\iwdbus.sys F1D3A377ED9BA1CA449824C41CAF104C
C:\WINDOWS\System32\drivers\kbdclass.sys E320F986BBE0CD9324EA0A193EBF29B1
C:\WINDOWS\System32\drivers\kbdhid.sys AFF5DDCC1A79217C9526FF5E01A69E89
C:\WINDOWS\System32\drivers\kdnic.sys 916E62AF3386F7A74603E5C545F6FF2D
C:\WINDOWS\System32\Drivers\ksecdd.sys 69FA8BEBADF807089FEFCD3F59CFAC1E
C:\WINDOWS\System32\Drivers\ksecpkg.sys C1081E2B36F77781167FD9401119B98E
C:\WINDOWS\system32\drivers\ksthunk.sys DD8C4726127CFE313233372D70787C37
C:\WINDOWS\System32\drivers\lltdio.sys CB5A6E117502156794F0DA9E61506006
C:\WINDOWS\System32\drivers\lsi_sas.sys 20048BEE892138A745B1C23EBB0E069F
C:\WINDOWS\System32\drivers\lsi_sas2i.sys 9EAB16572B576979D585DDEDB12417CD
C:\WINDOWS\System32\drivers\lsi_sas3i.sys 3B7B359C0870317106DF3438D4FF491D
C:\WINDOWS\System32\drivers\lsi_sss.sys 2DE03BA338A4B0ACDB416A30F1C7D56F
C:\WINDOWS\system32\drivers\luafv.sys 9A497169E145FCE2D8AA7DBC67377F64
C:\WINDOWS\System32\drivers\mausbhost.sys BF56CB9D02DEE8CA9CBA50220BE16F15
C:\WINDOWS\System32\drivers\mausbip.sys 01BDEE1FFF6D2216797DFEE4ABD937D9
C:\WINDOWS\System32\drivers\megasas.sys C7B8B5053D646CBD30BE1BA6B487D396
C:\WINDOWS\System32\drivers\MegaSas2i.sys EB8ED3204499DDB2D3BA094A4563EE3E
C:\WINDOWS\System32\drivers\megasr.sys F1C1D4E752DE1D58295040E5BE8813AF
C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys E0EF6C1399A9B1AAA0B28590411BED04
C:\WINDOWS\System32\drivers\mlx4_bus.sys 16B078D1089FEA98710C9D07C152DCEE
C:\WINDOWS\system32\drivers\mmcss.sys 20C57CE47B1A877C48A4B68E9A4E21FA
C:\WINDOWS\System32\drivers\modem.sys A4467A5C080318F0CCCF5ED463821F8B
C:\WINDOWS\System32\drivers\monitor.sys 78BE85C1F1C7F3AF6C87BCE127007D5A
C:\WINDOWS\System32\drivers\mouclass.sys 8E262B34A8BD184B4B3025AA8C396B00
C:\WINDOWS\System32\drivers\mouhid.sys C094A555F148495EA130D3BBC5232D5E
C:\WINDOWS\System32\drivers\mountmgr.sys 6434BC884502E95EEA2379C92DD22B60
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsl2a2ccae3.sys FD4BC5A31AE7C81B7D34BB8A78371B6D
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsle39c5e55.sys BF2513029E231BE96D82F7C3ABFF87F4
C:\WINDOWS\System32\drivers\mpsdrv.sys F36E4074C66DD31855A8D79EF0AE8066
C:\WINDOWS\system32\drivers\mrxdav.sys 215D672CB71987CD98EB2298EFB84DDC
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 34898F29BF0E9A84E183046318D17814
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 6537678DEEA2A5B079052D75E21E46DA
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 87FF93E7420C9068C0D5B2F3109809F4
C:\WINDOWS\System32\drivers\bridge.sys 167408B38458ECAE545C57527BC99024
C:\Windows\System32\Drivers\Msfs.sys AE111778CA6AC08862B3C713F0413333
C:\WINDOWS\System32\drivers\msgpiowin32.sys 6DDDFCAB646BBBCFC583135C4430E10F
C:\WINDOWS\System32\drivers\mshidkmdf.sys 01C6A86BEA8279E557A5056148F068BF
C:\WINDOWS\System32\drivers\mshidumdf.sys F65ABC7DE945047147F17330F79732CB
C:\WINDOWS\System32\drivers\msisadrv.sys 05B23012427801E710BDD12720B9020B
C:\WINDOWS\System32\drivers\MSKSSRV.sys B25B2CD3E052D68075A3814AAA0C6421
C:\WINDOWS\System32\drivers\mslldp.sys C3F5EA6B9041A30B4F11BE2E7863E487
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 601D666820F0408B896791D19BE6D258
C:\WINDOWS\System32\drivers\MSPQM.sys 46E61FBA0097E48E5628C74A3F72233A
C:\Windows\System32\Drivers\MsRPC.sys 4EB9B77179BDEE89C496E60D4BF85CC1
C:\WINDOWS\System32\drivers\mssmbios.sys CBD56E0B55FB3672BA80382EC2F8835C
C:\WINDOWS\System32\drivers\MSTEE.sys 5734B2A36D3BB13A638E5305EEEC582D
C:\WINDOWS\System32\drivers\MTConfig.sys 85270E0DC6907C6B99F72A36F17AED34
C:\WINDOWS\System32\Drivers\mup.sys DB5B1539F5EBB3DD3A7ED25ADBC4D6D9
C:\WINDOWS\System32\drivers\mvumis.sys 3C57FF3BCF496D24C39C2198158864BB
C:\WINDOWS\System32\DRIVERS\nwifi.sys 8A9CD53B0FBE679116638120CCBB201E
C:\WINDOWS\System32\drivers\ndfltr.sys 77B047B109CE758A017F58FAE5038D0D
C:\WINDOWS\System32\drivers\ndis.sys 7FF306C78B0DC31192657B47539D5688
C:\WINDOWS\System32\drivers\ndiscap.sys 067AE5BA349CC35AF8975D22DC483DDF
C:\WINDOWS\System32\drivers\NdisImPlatform.sys 6FC4D7EB5D38CFB7966405036116F065
C:\WINDOWS\System32\DRIVERS\ndistapi.sys ED7CC4E16B76B2603C9F827188EA63B4
C:\WINDOWS\System32\drivers\ndisuio.sys 8D977AFC195A3F4B15B05D02B2BD0292
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys DC1D26D62F40B7552BCF49D92774F0C5
C:\WINDOWS\System32\drivers\ndiswan.sys 66F56AC744101DB870934D0EB31C2426
C:\WINDOWS\System32\DRIVERS\ndiswan.sys 66F56AC744101DB870934D0EB31C2426
C:\WINDOWS\System32\DRIVERS\NDProxy.sys 8ABF5B8D5839F8DAE2E0D3165AE732F6
C:\WINDOWS\System32\drivers\Ndu.sys A791792DC412CCD83DA0AF6871682552
C:\WINDOWS\System32\drivers\NetAdapterCx.sys BE79982A50AC88BC0765F3AFECFCB596
C:\WINDOWS\System32\drivers\netbios.sys E899D26A0C2555AC30ACDD526056E51F
C:\WINDOWS\System32\DRIVERS\netbt.sys 7FC54F2AF5EC52C7AC05AD90FFC757E6
C:\WINDOWS\System32\drivers\netvsc.sys 680EB4AEA08EAC80C384E90E430DF16D
C:\Windows\System32\Drivers\Npfs.sys 84EB8F01B140618518AFF30B9951F132
C:\WINDOWS\System32\drivers\npsvctrig.sys 5CB8082E51DE7D19042F0FF8C517CB0D
C:\WINDOWS\System32\drivers\nsiproxy.sys 958921BB7AE2671983743FDA0DD587C4
C:\Windows\System32\Drivers\NTFS.sys E20EC8E25969ABD9F5FED6EDEA57EC0C
C:\Windows\System32\Drivers\Null.sys 0D1E03A5F87F4DE04D97622C686910A2
C:\WINDOWS\System32\drivers\nvdimmn.sys 532F27A2B62D70C327E763F035AED6C1
C:\WINDOWS\System32\drivers\nvraid.sys 7E04652EB1A476BC0A72ECDC613AF0C5
C:\WINDOWS\System32\drivers\nvstor.sys 880B3E874914DAEF97119876543AE117
C:\WINDOWS\System32\drivers\parport.sys 2E07EC2C1622F5E7B535D62DCD61F3AB
C:\WINDOWS\System32\drivers\partmgr.sys 023DDF9DE429B2E6F0BADA72AA98EF8B
C:\WINDOWS\System32\drivers\pci.sys 9BF965EE361849567DB1664BEDFA9569
C:\WINDOWS\System32\drivers\pciide.sys E5AF806815ED797086629741F29E4156
C:\WINDOWS\System32\drivers\pcmcia.sys 2A631D447B988AFBE847CBAA8E5CC298
C:\WINDOWS\System32\drivers\pcw.sys ACD510CF2B631A2D36B2CFB7D31E22FD
C:\WINDOWS\System32\drivers\pdc.sys 1796112EB89559910BC18865A29C8894
C:\WINDOWS\System32\drivers\peauth.sys F21127EDE5D72090A1B029AFF4AFFD17
C:\WINDOWS\System32\drivers\percsas2i.sys 35FD028E4323018202C0B7D115FD3AEF
C:\WINDOWS\System32\drivers\percsas3i.sys F9F3D8BE9BC9241CC726197261362AC4
C:\WINDOWS\System32\drivers\pmem.sys 36D43EA5517F3F4AAAC8EE061C957EF1
C:\WINDOWS\System32\drivers\pnpmem.sys 59048555B59FD69287CFAB6022B5CC86
C:\WINDOWS\System32\drivers\raspptp.sys AACA74DEF7BE3DED322411787494878B
C:\WINDOWS\System32\drivers\processr.sys B1111C47F128C946BDC87A18E44007EB
C:\WINDOWS\System32\drivers\pacer.sys 5818FE76C3C6AE0CA723EBE483BF447F
C:\WINDOWS\system32\drivers\qwavedrv.sys 16F9A6B593B52EB18F7ECB9D251BDF7A
C:\WINDOWS\System32\DRIVERS\ramdisk.sys 13600C467512147E99052806F2C1307A
C:\WINDOWS\System32\DRIVERS\rasacd.sys F57D1DE0C9522BCD590A69D044641B5A
C:\WINDOWS\System32\drivers\AgileVpn.sys ED0EE10911C16AD8B21B9003C90E968F
C:\WINDOWS\System32\drivers\rasl2tp.sys E0220BB6580D34001D4D1D133052DAA4
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 12EE1D92F4E5FAE4B6F65195A2016CE5
C:\WINDOWS\System32\drivers\rassstp.sys 91CE469015979E5B3C3DBC2C41A476E8
C:\WINDOWS\System32\DRIVERS\rdbss.sys 4525664EFB5EB71D4B155405F78D93DB
C:\WINDOWS\System32\drivers\rdpbus.sys 8A5285B38A203D15110E142DE68406DD
C:\WINDOWS\System32\drivers\rdpdr.sys DF83769C92527DB50653F8FB57D001FF
C:\WINDOWS\System32\drivers\rdpvideominiport.sys 4D1A63ACEC42A88E52AFC4E84A8CE9EE
C:\WINDOWS\System32\drivers\rdyboost.sys 12AF835862F2B6B2FB9DEA8BA2288587
C:\Windows\System32\Drivers\ReFS.sys FB0577F6BC9E07549CEACF5224327499
C:\Windows\System32\Drivers\ReFSv1.sys 4136BCA61BCDCC79DCE145F9CB639CD6
C:\WINDOWS\System32\drivers\rhproxy.sys BBC228CA2F96B784B01FE7F1C5E3CFBB
C:\WINDOWS\System32\drivers\rspndr.sys 27B80E5766B114621980F82FB78E912A
C:\WINDOWS\System32\drivers\Rt630x64.sys CFE738C524F35B6E523A4D0F54840C30
C:\WINDOWS\system32\DRIVERS\RtsPer.sys 53FC65C60661B26BB8A47750306FEDF5
C:\WINDOWS\system32\DRIVERS\rtwlane.sys 8245240721FE1614ADA6E4A22CD2FFCD
C:\WINDOWS\System32\drivers\vms3cap.sys F0FA6B67B16EEFDEF8E8AFAD47A4F9B8
C:\WINDOWS\System32\drivers\sbp2port.sys 324FA3C337EB54B43448F7B08444DC8D
C:\WINDOWS\System32\DRIVERS\scfilter.sys 62A33CE69DB508BCEC63F4D3BFF400CE
C:\WINDOWS\System32\drivers\scmbus.sys 7B057373146CC4E5A1F1DA665EA55DC7
C:\WINDOWS\System32\drivers\sdbus.sys 0FB6CCFA52FE5AD0B8D86E8AB370EF34
C:\WINDOWS\System32\drivers\SDFRd.sys 6D3853838864886B4F10B074282772E0
C:\WINDOWS\System32\drivers\sdstor.sys C289832A3174DC9D393C7603C511DF79
C:\WINDOWS\System32\drivers\SerCx.sys 75A27472AFD009255DBDE52038E3BDB5
C:\WINDOWS\System32\drivers\SerCx2.sys 84005F54308109A022413D628E966412
C:\WINDOWS\System32\drivers\serenum.sys 40384793F74CFFA45BCC38DF65E978EC
C:\WINDOWS\System32\drivers\serial.sys 699470AD24D67908991A777716A352FD
C:\WINDOWS\System32\drivers\sermouse.sys 92453F065F52A8EF0328A926B2C9502F
C:\WINDOWS\System32\drivers\sfloppy.sys 1D8920C40F19B5FBA5F4897779840AD1
C:\WINDOWS\System32\drivers\SiSRaid2.sys A871F9CC9CF388DC7193D22EF8D8C8DF
C:\WINDOWS\System32\drivers\sisraid4.sys D30FC341550CC364880950152AE8B1C5
C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys 4193B29035FF31655A2A2D820FDEFCCA
C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys C67697A38E6D646F97EFF462DED68CF3
C:\WINDOWS\System32\drivers\spaceport.sys B2ABF0F8A49752B5CD9DEE2EADF7416A
C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys CCECE7E96B4F7B0E9F0FC82F6DADA917
C:\WINDOWS\System32\drivers\SpbCx.sys 545507AF670BC88B89200A118513ED9A
C:\WINDOWS\System32\DRIVERS\srv.sys 485BABF47A46EB298AB11E447B0D800C
C:\WINDOWS\System32\DRIVERS\srv2.sys 41181D890542EB0E8D9822F73F9FD5D7
C:\WINDOWS\System32\DRIVERS\srvnet.sys 43480B3EE4D23F5AA8EE7C6D83B09487
C:\WINDOWS\System32\drivers\stexstor.sys 162A805E13B3C0DD06AE8B6FC1900156
C:\WINDOWS\system32\DRIVERS\serscan.sys 0690CE515A295BD101415C7E411C43F3
C:\WINDOWS\System32\drivers\storahci.sys DD1F00B80DDD12252B7B228ABCE181A9
C:\WINDOWS\System32\drivers\vmstorfl.sys A12CFAAA0F113A25D8CEFE58B1CBB207
C:\WINDOWS\System32\drivers\stornvme.sys B6F8D1FA73F6E102AEA60D2BBD1DDF78
C:\WINDOWS\System32\drivers\storqosflt.sys 57377953F5688158054BC8CB5A243115
C:\WINDOWS\System32\drivers\storufs.sys B59D29E535AF7E82717C2AD2C57EEC67
C:\WINDOWS\System32\drivers\storvsc.sys 9B431079624306B5659B3B7208A71C75
C:\WINDOWS\System32\drivers\swenum.sys 027B27E4B9DB3931D64159B81BD915A0
C:\WINDOWS\System32\drivers\Synth3dVsc.sys AB15F9FDCD11D5283891BC956E8C5C95
C:\WINDOWS\system32\DRIVERS\SynTP.sys 347F4B8DC1CAA234474AE79BF5207E2B
C:\WINDOWS\System32\drivers\tcpip.sys 9900BD38D592CF4EE6F2EAE3847A24D8
C:\WINDOWS\System32\drivers\tcpip.sys 9900BD38D592CF4EE6F2EAE3847A24D8
C:\WINDOWS\System32\drivers\tcpipreg.sys 74A1BF4093FA7B7D6C9366A39911A78E
C:\WINDOWS\system32\DRIVERS\tdx.sys 571D82ABAC428D902ACA0CF60373C039
C:\WINDOWS\System32\drivers\terminpt.sys B4B68E1DB59456419D9E49645729502A
C:\WINDOWS\System32\drivers\tpm.sys 1658D060057C85DEC82BFCB018C4C22F
C:\WINDOWS\System32\drivers\TsUsbFlt.sys 8D811209E34358EAD3FD8E40F657E59C
C:\WINDOWS\System32\drivers\TsUsbGD.sys 68DE1735FB020AE8948BD7B60F2EBD3B
C:\WINDOWS\System32\drivers\tunnel.sys ACD39B0E5CFDA7B1AB7DF33FC5CC0E46
C:\WINDOWS\System32\drivers\uaspstor.sys 04FC2C7F73AE58BF0DD674164E28A6DF
C:\WINDOWS\System32\Drivers\UcmCx.sys E437FC4B1833F6B745184F78C4921FB8
C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 950A3E42167904CAB9AA64863C31CEB5
C:\WINDOWS\System32\drivers\UcmUcsi.sys 149CBBB74DFC3E52F242029A27B0F8EB
C:\WINDOWS\System32\drivers\ucx01000.sys E6E91B3980A495D2A9D28A09580EA993
C:\WINDOWS\System32\drivers\udecx.sys DACA289DFFA7658C04FEF6DCFA2AA9CE
C:\WINDOWS\System32\DRIVERS\udfs.sys 12383D410AEF99AD6979A8EFD3D61888
C:\WINDOWS\System32\drivers\UEFI.sys AB7FE51D818B6059C2F56FA62268CCAC
C:\WINDOWS\System32\drivers\ufx01000.sys 58447F28E697A93521DD20530A8D50ED
C:\WINDOWS\System32\drivers\UfxChipidea.sys 69ED2D00A7787D9D84E6C90CE0B02B2D
C:\WINDOWS\System32\drivers\ufxsynopsys.sys F061EC57330FBC597A4E7298BE667780
C:\WINDOWS\System32\drivers\umbus.sys D40BCED160D332005AF612E1228825E6
C:\WINDOWS\System32\drivers\umpass.sys 64CF24D7B1FA4975C52A31BF4C82EB73
C:\WINDOWS\System32\drivers\urschipidea.sys ACE4C3B4C7D17B154FFC5BBE5F7A9835
C:\WINDOWS\System32\drivers\urscx01000.sys ECE40EB976A5ACB366808AECF6B235BA
C:\WINDOWS\System32\drivers\urssynopsys.sys EB738F830D3E7EA62A218F101EF91FD4
C:\WINDOWS\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\WINDOWS\System32\drivers\usbccgp.sys B43E28E5CF868517EEC0923AB2BC366B
C:\WINDOWS\System32\drivers\usbcir.sys 1080D80B5F6D249F23BAE1C0C36233A4
C:\WINDOWS\System32\drivers\usbehci.sys EE162DA2C92026A5B96ED89737975AA8
C:\WINDOWS\System32\drivers\usbhub.sys C27FEE9758E3BEDE4D48B5EDBE1122CF
C:\WINDOWS\System32\drivers\UsbHub3.sys 4FA9C956E569D0D380C2859542361780
C:\WINDOWS\System32\drivers\usbohci.sys 44B954306BB2B311E070EDA276FECAB1
C:\WINDOWS\System32\drivers\usbprint.sys EEF26F9034F0608B93D4D239534BB0BA
C:\WINDOWS\System32\drivers\usb80236.sys 034782171B85B5FA747256017949269B
C:\WINDOWS\System32\drivers\usbser.sys 913CFF365DB1803525DBD2AA8B8188B4
C:\WINDOWS\System32\drivers\USBSTOR.SYS 441CAE778B6A1FF6E618E37814A7A52A
C:\WINDOWS\System32\drivers\usbuhci.sys 2D6BB2157B37B2D9DABF8C218F2A805B
C:\WINDOWS\System32\Drivers\usbvideo.sys 68788AE61B2E6A7D97CAD73B632F5BF5
C:\WINDOWS\System32\drivers\USBXHCI.SYS 41E5A6188180DC72BCECA999ED2532D4
C:\WINDOWS\System32\drivers\vdrvroot.sys C77C537077822D8EA529AD4EBFD971D6
C:\WINDOWS\System32\drivers\VerifierExt.sys 9D4EEE333603F3675685F644053499D5
C:\WINDOWS\System32\drivers\vhdmp.sys 9240C24121E3A581F8BC198413AEA06E
C:\WINDOWS\System32\drivers\vhf.sys E10FEBB566E1F0A3936AB304F338637E
C:\WINDOWS\System32\drivers\vmbus.sys 079B4378614A40A308F9C721A50C7B87
C:\WINDOWS\System32\drivers\VMBusHID.sys DC9E0600B356258E31403789119C78A9
C:\WINDOWS\System32\drivers\vmgid.sys B24F74B2710B66F647419697BDB9E163
C:\WINDOWS\System32\drivers\vnvdimm.sys D81F6B790519A60F3D1788B45D04B749
C:\WINDOWS\System32\drivers\volmgr.sys C9052650BBF2124CD525A26D5C2A6671
C:\WINDOWS\System32\drivers\volmgrx.sys 6D6CACED512C1EF1FEAC215E37E3A9BC
C:\WINDOWS\System32\drivers\volsnap.sys 5B27846CF4B1C21AFB3A35A8336BA02F
C:\WINDOWS\System32\drivers\volume.sys 72A95A844D6BAF2924A4C15BEDFD6BCA
C:\WINDOWS\System32\drivers\vpci.sys 702273C7C1BE9D366BAF1305D382F03C
C:\WINDOWS\System32\drivers\vsmraid.sys 075CE3C9E77D2666AFA888951E5F07A9
C:\WINDOWS\System32\drivers\vstxraid.sys 26D00E85BE4726B114335250FCDEDA89
C:\WINDOWS\System32\drivers\vwifibus.sys 3DFDB573E4D49EA8F416B573525B7A86
C:\WINDOWS\System32\drivers\vwififlt.sys A40FA64655AB5B8773A96A821616C5FC
C:\WINDOWS\System32\drivers\vwifimp.sys 0D34F98DBDF09D239533AC345C360F03
C:\WINDOWS\System32\drivers\wacompen.sys 5B5430522E0BDF2A753D758710BE7C5E
C:\WINDOWS\System32\DRIVERS\wanarp.sys 1FC3A8FB032B62A88283BC8113FDF1C5
C:\WINDOWS\System32\DRIVERS\wanarp.sys 1FC3A8FB032B62A88283BC8113FDF1C5
C:\WINDOWS\system32\drivers\wcifs.sys 520E4FD6B5BF5349DD1499F2AEFB7C50
C:\WINDOWS\system32\drivers\wcnfs.sys 9DE3FDFF295F2534DF0A8B6FC4F06355
C:\WINDOWS\System32\drivers\WdBoot.sys 6FD8F1FBED780A7F3DF329C834E52AC5
C:\WINDOWS\System32\drivers\Wdf01000.sys FCC960498E3CD899F0A429F7CF9E77AD
C:\WINDOWS\System32\drivers\WdFilter.sys 7D182F0F227FC141C5D2085175BE05F6
C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 2D50C46EFE924BC24F63A45D2DB1AA3A
C:\WINDOWS\System32\Drivers\WdNisDrv.sys 0D38C257A7B34A818726BA2F323B196E
C:\WINDOWS\System32\drivers\wdnsfltr.sys DF58AA71FBA55E15F572C93447696DEC
C:\WINDOWS\System32\drivers\wfplwfs.sys 8E101DF42D36E04EC610581BA478B38F
C:\WINDOWS\System32\drivers\wimmount.sys C8D3FC38426E990E2787771678B19C6D
C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 0484B0D01EA6F7017519EBDDBADE759D
C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 813EE0F4D4B8D599DB1968682D080732
C:\WINDOWS\System32\drivers\winmad.sys E23475E9150E6A50B12DB176EA5CDD56
C:\WINDOWS\System32\drivers\winnat.sys EABEF39BBEEDB3845C36893931DADCD1
C:\WINDOWS\System32\drivers\WinUSB.SYS E92F3539C4758F6A9F4B80CBAC75B3E6
C:\WINDOWS\System32\drivers\winverbs.sys 59126AFCC64270747B5CC9B44A4A48F4
C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys 4F2A80D65AE6F845776E2F06AE6782ED
C:\WINDOWS\System32\drivers\wmiacpi.sys E8C793ED028E132771988760819E3754
C:\Windows\System32\Drivers\Wof.sys 8D6E6F6C233AF450C50FA615530B44D2
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 9EAE1EF282864674355B4B81DF6AE935
C:\WINDOWS\system32\drivers\ws2ifsl.sys 367B3ED0C688AFE28C376B0230814567
C:\WINDOWS\System32\drivers\WSDPrint.sys 7B44553610A89F2011CF69BEA9AFD4CB
C:\WINDOWS\system32\DRIVERS\WSDScan.sys 8068DC839C3729FFC70821FBEF05D5ED
C:\WINDOWS\System32\drivers\WudfPf.sys BD5E68B369DF3453A0A87663C6C5476D
C:\WINDOWS\System32\drivers\WudfRd.sys A86A249314FD0A780214028B0C31A386
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys A86A249314FD0A780214028B0C31A386
C:\WINDOWS\System32\drivers\xboxgip.sys 2244A4CEFE8F9C74091369ACE2E9EBC6
C:\WINDOWS\System32\drivers\xinputhid.sys 4A91B49C6B1E41151D47CB919ADF013A
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-25 16:57 - 2018-01-25 17:08 - 000000000 ____D C:\FRST
2018-01-25 16:28 - 2018-01-25 16:28 - 000000810 _____ C:\Users\dennis\Downloads\3D Objects - Shortcut.lnk
2018-01-18 17:58 - 2018-01-18 17:58 - 000000000 ____D C:\Users\dennis\Desktop\computer repair
2018-01-18 17:55 - 2018-01-18 17:58 - 000000000 ____D C:\Users\dennis\Desktop\scuba
2018-01-18 17:27 - 2018-01-18 17:27 - 000000000 ____D C:\Users\dennis\AppData\Local\GoToAssist Remote Support Customer
2018-01-18 17:27 - 2018-01-18 17:27 - 000000000 ____D C:\Users\dennis\AppData\Local\GoTo Opener
2018-01-12 21:58 - 2018-01-12 21:58 - 000000000 ____D C:\Users\dennis\AppData\Local\cache
2018-01-11 08:51 - 2018-01-01 12:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-11 08:51 - 2018-01-01 07:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-11 08:51 - 2018-01-01 07:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-11 08:51 - 2018-01-01 07:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-11 08:51 - 2018-01-01 07:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-11 08:51 - 2018-01-01 07:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-11 08:51 - 2018-01-01 07:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-11 08:51 - 2018-01-01 07:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-11 08:51 - 2018-01-01 07:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-11 08:51 - 2018-01-01 07:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-11 08:51 - 2018-01-01 07:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-11 08:51 - 2018-01-01 07:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-11 08:51 - 2018-01-01 07:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-11 08:51 - 2018-01-01 07:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-11 08:51 - 2018-01-01 07:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-11 08:51 - 2018-01-01 07:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-11 08:51 - 2018-01-01 07:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-11 08:51 - 2018-01-01 07:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-11 08:51 - 2018-01-01 07:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-11 08:51 - 2018-01-01 07:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-11 08:51 - 2018-01-01 07:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-11 08:51 - 2018-01-01 07:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-11 08:51 - 2018-01-01 07:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-11 08:51 - 2018-01-01 07:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-11 08:51 - 2018-01-01 07:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-11 08:51 - 2018-01-01 07:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-11 08:51 - 2018-01-01 07:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-11 08:51 - 2018-01-01 07:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-11 08:51 - 2018-01-01 07:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-11 08:51 - 2018-01-01 06:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-11 08:51 - 2018-01-01 06:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-11 08:51 - 2018-01-01 06:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-11 08:51 - 2018-01-01 06:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-11 08:51 - 2018-01-01 06:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-11 08:51 - 2018-01-01 06:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-11 08:51 - 2018-01-01 06:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-11 08:51 - 2018-01-01 06:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-11 08:51 - 2018-01-01 06:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-11 08:51 - 2018-01-01 06:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-11 08:51 - 2018-01-01 06:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-11 08:51 - 2018-01-01 06:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-11 08:51 - 2018-01-01 06:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-11 08:51 - 2018-01-01 06:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-11 08:51 - 2018-01-01 06:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-11 08:51 - 2018-01-01 06:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-11 08:51 - 2018-01-01 06:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-11 08:51 - 2018-01-01 06:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-11 08:51 - 2018-01-01 06:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-11 08:51 - 2018-01-01 06:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-11 08:51 - 2018-01-01 06:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-11 08:51 - 2018-01-01 06:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-11 08:51 - 2018-01-01 06:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-11 08:51 - 2018-01-01 06:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-11 08:51 - 2018-01-01 06:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-11 08:51 - 2018-01-01 06:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-11 08:51 - 2018-01-01 06:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-11 08:51 - 2018-01-01 06:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-11 08:51 - 2018-01-01 06:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-11 08:51 - 2018-01-01 06:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-11 08:50 - 2018-01-01 07:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-11 08:50 - 2018-01-01 07:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-11 08:50 - 2018-01-01 07:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-11 08:50 - 2018-01-01 07:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-11 08:50 - 2018-01-01 07:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-11 08:50 - 2018-01-01 07:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-11 08:50 - 2018-01-01 07:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-11 08:50 - 2018-01-01 07:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-11 08:50 - 2018-01-01 07:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-11 08:50 - 2018-01-01 07:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-11 08:50 - 2018-01-01 07:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-11 08:50 - 2018-01-01 07:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-11 08:50 - 2018-01-01 07:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-11 08:50 - 2018-01-01 07:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-11 08:50 - 2018-01-01 07:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-11 08:50 - 2018-01-01 07:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-11 08:50 - 2018-01-01 07:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-11 08:50 - 2018-01-01 07:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-11 08:50 - 2018-01-01 07:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-11 08:50 - 2018-01-01 07:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-11 08:50 - 2018-01-01 07:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-11 08:50 - 2018-01-01 07:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-11 08:50 - 2018-01-01 07:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-11 08:50 - 2018-01-01 07:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-11 08:50 - 2018-01-01 07:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-11 08:50 - 2018-01-01 07:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-11 08:50 - 2018-01-01 07:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-11 08:50 - 2018-01-01 07:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-11 08:50 - 2018-01-01 07:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-11 08:50 - 2018-01-01 07:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-11 08:50 - 2018-01-01 07:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-11 08:50 - 2018-01-01 07:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-11 08:50 - 2018-01-01 07:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-11 08:50 - 2018-01-01 07:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-11 08:50 - 2018-01-01 07:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-11 08:50 - 2018-01-01 07:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-11 08:50 - 2018-01-01 07:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-11 08:50 - 2018-01-01 07:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-11 08:50 - 2018-01-01 07:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-11 08:50 - 2018-01-01 07:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-11 08:50 - 2018-01-01 07:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-11 08:50 - 2018-01-01 07:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-11 08:50 - 2018-01-01 07:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-11 08:50 - 2018-01-01 07:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-11 08:50 - 2018-01-01 07:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-11 08:50 - 2018-01-01 07:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-11 08:50 - 2018-01-01 07:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-11 08:50 - 2018-01-01 07:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-11 08:50 - 2018-01-01 07:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-11 08:50 - 2018-01-01 07:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-11 08:50 - 2018-01-01 07:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-11 08:50 - 2018-01-01 07:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-11 08:50 - 2018-01-01 07:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-11 08:50 - 2018-01-01 06:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-11 08:50 - 2018-01-01 06:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-11 08:50 - 2018-01-01 06:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-11 08:50 - 2018-01-01 06:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-11 08:50 - 2018-01-01 06:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-11 08:50 - 2018-01-01 06:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-11 08:50 - 2018-01-01 06:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-11 08:50 - 2018-01-01 06:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-11 08:50 - 2018-01-01 06:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-11 08:50 - 2018-01-01 06:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-11 08:50 - 2018-01-01 06:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-11 08:50 - 2018-01-01 06:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-11 08:50 - 2018-01-01 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-11 08:50 - 2018-01-01 06:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-11 08:50 - 2018-01-01 06:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-11 08:50 - 2018-01-01 06:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-11 08:50 - 2018-01-01 06:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-11 08:50 - 2018-01-01 06:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-11 08:50 - 2018-01-01 06:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-11 08:50 - 2018-01-01 06:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-11 08:50 - 2018-01-01 06:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-11 08:50 - 2018-01-01 06:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-11 08:50 - 2018-01-01 06:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-11 08:50 - 2018-01-01 06:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-11 08:50 - 2018-01-01 06:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-11 08:50 - 2018-01-01 06:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-11 08:50 - 2018-01-01 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-11 08:50 - 2018-01-01 06:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-11 08:50 - 2018-01-01 06:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-11 08:50 - 2018-01-01 06:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-11 08:50 - 2018-01-01 06:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-11 08:50 - 2018-01-01 06:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-11 08:50 - 2018-01-01 06:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-11 08:50 - 2018-01-01 06:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-11 08:50 - 2018-01-01 06:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-11 08:50 - 2018-01-01 06:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-11 08:50 - 2018-01-01 06:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-11 08:50 - 2018-01-01 06:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-11 08:50 - 2018-01-01 06:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-11 08:50 - 2018-01-01 06:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-11 08:50 - 2018-01-01 06:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-11 08:50 - 2018-01-01 06:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-11 08:50 - 2018-01-01 06:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-11 08:50 - 2018-01-01 06:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-11 08:50 - 2018-01-01 06:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-11 08:50 - 2018-01-01 06:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-11 08:50 - 2018-01-01 06:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-11 08:50 - 2018-01-01 06:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-10 21:54 - 2017-12-22 08:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-10 21:54 - 2017-12-22 08:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-30 22:00 - 2017-12-30 22:00 - 000000000 ___HD C:\Users\dennis\MicrosoftEdgeBackups
2017-12-30 21:24 - 2017-11-26 15:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-30 21:23 - 2017-12-08 01:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-30 21:23 - 2017-12-07 18:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-30 21:23 - 2017-12-07 18:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-30 21:23 - 2017-12-07 18:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-30 21:23 - 2017-12-07 18:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-30 21:23 - 2017-12-07 18:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-30 21:23 - 2017-12-07 18:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-30 21:23 - 2017-12-07 17:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-30 21:23 - 2017-12-07 17:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-30 21:23 - 2017-12-07 17:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-30 21:23 - 2017-12-07 17:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-30 21:23 - 2017-12-07 17:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-30 21:23 - 2017-12-07 17:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-30 21:23 - 2017-12-07 17:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-30 21:23 - 2017-12-07 17:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-30 21:23 - 2017-12-07 17:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-30 21:23 - 2017-12-07 17:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-30 21:23 - 2017-12-07 17:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-30 21:23 - 2017-12-07 16:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-30 21:23 - 2017-12-07 16:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-30 21:23 - 2017-12-07 16:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-30 21:23 - 2017-12-07 16:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-30 21:23 - 2017-12-07 16:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-30 21:23 - 2017-11-26 15:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-30 21:23 - 2017-11-26 15:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-30 21:23 - 2017-11-26 08:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-30 21:23 - 2017-11-26 08:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-30 21:23 - 2017-11-26 08:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-30 21:23 - 2017-11-26 08:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-30 21:23 - 2017-11-26 08:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-30 21:23 - 2017-11-26 08:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-30 21:23 - 2017-11-26 08:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-30 21:23 - 2017-11-26 08:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-30 21:23 - 2017-11-26 08:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-30 21:23 - 2017-11-26 08:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-30 21:23 - 2017-11-26 08:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-30 21:23 - 2017-11-26 08:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-30 21:23 - 2017-11-26 08:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-30 21:23 - 2017-11-26 07:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-30 21:23 - 2017-11-26 07:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-30 21:23 - 2017-11-26 07:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-30 21:23 - 2017-11-26 07:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-30 21:23 - 2017-11-26 07:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-30 21:23 - 2017-11-26 07:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-30 21:23 - 2017-11-26 07:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-30 21:23 - 2017-11-26 07:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-30 21:23 - 2017-11-26 07:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-30 21:23 - 2017-11-26 07:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-30 21:23 - 2017-11-26 07:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-30 21:23 - 2017-11-26 07:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-30 21:23 - 2017-11-26 07:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-30 21:23 - 2017-11-26 07:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-30 21:23 - 2017-11-26 07:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-30 21:23 - 2017-11-26 07:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-30 21:23 - 2017-11-26 07:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-30 21:23 - 2017-11-26 06:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-30 21:23 - 2017-11-26 06:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-30 21:23 - 2017-11-26 06:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-30 21:23 - 2017-11-26 06:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-30 21:23 - 2017-11-26 06:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-30 21:23 - 2017-11-26 05:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-30 21:23 - 2017-11-26 05:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-30 21:23 - 2017-11-26 05:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-30 21:23 - 2017-11-26 05:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-30 21:23 - 2017-11-26 05:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-30 21:23 - 2017-11-26 05:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-30 21:23 - 2017-11-26 05:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-30 21:23 - 2017-11-26 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-30 21:23 - 2017-11-26 05:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-30 21:23 - 2017-11-26 05:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-30 21:23 - 2017-11-26 05:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-30 21:23 - 2017-11-19 02:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-30 21:23 - 2017-11-18 21:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-30 21:23 - 2017-10-25 04:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-30 21:23 - 2017-10-24 23:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-30 21:23 - 2017-10-24 23:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-30 21:23 - 2017-10-24 23:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-30 21:23 - 2017-10-24 23:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-30 21:23 - 2017-10-24 23:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-30 21:23 - 2017-10-24 23:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 23:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-30 21:23 - 2017-10-24 23:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-30 21:23 - 2017-10-24 23:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 23:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-30 21:23 - 2017-10-24 22:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-30 21:23 - 2017-10-24 22:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-30 21:23 - 2017-10-24 22:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-30 21:23 - 2017-10-24 22:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-30 21:23 - 2017-10-24 22:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-30 21:23 - 2017-10-24 22:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-30 21:23 - 2017-10-24 22:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-30 21:23 - 2017-10-24 22:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-30 21:23 - 2017-10-24 21:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-30 21:23 - 2017-10-20 00:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-30 21:23 - 2017-10-10 02:11 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-30 21:23 - 2017-10-10 01:54 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-30 21:23 - 2017-10-10 01:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-30 21:23 - 2017-10-10 01:31 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-30 21:23 - 2017-10-10 01:11 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-30 21:23 - 2017-10-10 01:07 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-30 21:23 - 2017-10-10 00:42 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-30 21:23 - 2017-10-10 00:31 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-30 21:23 - 2017-10-10 00:30 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-30 21:23 - 2017-10-10 00:24 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-30 21:22 - 2017-12-07 18:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-30 21:22 - 2017-12-07 18:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-30 21:22 - 2017-12-07 18:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-30 21:22 - 2017-12-07 18:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-30 21:22 - 2017-12-07 18:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-30 21:22 - 2017-12-07 18:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-30 21:22 - 2017-12-07 18:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-30 21:22 - 2017-12-07 18:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-30 21:22 - 2017-12-07 18:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-30 21:22 - 2017-12-07 17:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-30 21:22 - 2017-12-07 17:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-30 21:22 - 2017-12-07 17:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-30 21:22 - 2017-12-07 17:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-30 21:22 - 2017-12-07 17:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-30 21:22 - 2017-12-07 17:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-30 21:22 - 2017-12-07 17:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-30 21:22 - 2017-12-07 17:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-30 21:22 - 2017-12-07 17:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-30 21:22 - 2017-12-07 17:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-30 21:22 - 2017-12-07 17:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-30 21:22 - 2017-12-07 17:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-30 21:22 - 2017-12-07 17:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-30 21:22 - 2017-12-07 17:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-30 21:22 - 2017-12-07 17:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-30 21:22 - 2017-12-07 17:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-30 21:22 - 2017-12-07 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-30 21:22 - 2017-12-07 17:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-30 21:22 - 2017-12-07 17:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-30 21:22 - 2017-12-07 17:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-30 21:22 - 2017-12-07 17:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-30 21:22 - 2017-12-07 17:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-30 21:22 - 2017-12-07 17:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-30 21:22 - 2017-12-07 17:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-30 21:22 - 2017-12-07 17:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-30 21:22 - 2017-12-07 17:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-30 21:22 - 2017-12-07 16:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-30 21:22 - 2017-12-07 16:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-30 21:22 - 2017-12-07 16:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-30 21:22 - 2017-12-07 16:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-30 21:22 - 2017-11-26 11:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-30 21:22 - 2017-11-26 08:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-30 21:22 - 2017-11-26 08:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-30 21:22 - 2017-11-26 08:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-30 21:22 - 2017-11-26 08:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-30 21:22 - 2017-11-26 08:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-30 21:22 - 2017-11-26 08:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-30 21:22 - 2017-11-26 08:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-30 21:22 - 2017-11-26 08:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-30 21:22 - 2017-11-26 08:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-30 21:22 - 2017-11-26 08:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-30 21:22 - 2017-11-26 08:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-30 21:22 - 2017-11-26 08:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-30 21:22 - 2017-11-26 08:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-30 21:22 - 2017-11-26 07:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-30 21:22 - 2017-11-26 07:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-30 21:22 - 2017-11-26 07:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-30 21:22 - 2017-11-26 07:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-30 21:22 - 2017-11-26 07:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-30 21:22 - 2017-11-26 07:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-30 21:22 - 2017-11-26 07:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-30 21:22 - 2017-11-26 07:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-30 21:22 - 2017-11-26 07:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-30 21:22 - 2017-11-26 07:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-30 21:22 - 2017-11-26 07:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-30 21:22 - 2017-11-26 07:36 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2017-12-30 21:22 - 2017-11-26 07:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-30 21:22 - 2017-11-26 07:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-30 21:22 - 2017-11-26 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-30 21:22 - 2017-11-26 07:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-30 21:22 - 2017-11-26 07:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-30 21:22 - 2017-11-26 07:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-30 21:22 - 2017-11-26 07:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-30 21:22 - 2017-11-26 07:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-30 21:22 - 2017-11-26 07:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-30 21:22 - 2017-11-26 07:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-30 21:22 - 2017-11-26 07:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-30 21:22 - 2017-11-26 07:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-30 21:22 - 2017-11-26 07:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-30 21:22 - 2017-11-26 07:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-30 21:22 - 2017-11-26 07:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-30 21:22 - 2017-11-26 07:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-30 21:22 - 2017-11-26 06:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-30 21:22 - 2017-11-26 06:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-30 21:22 - 2017-11-26 06:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-30 21:22 - 2017-11-26 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-30 21:22 - 2017-11-26 06:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-30 21:22 - 2017-11-26 06:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-30 21:22 - 2017-11-26 06:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-30 21:22 - 2017-11-26 05:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-30 21:22 - 2017-11-26 05:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-30 21:22 - 2017-11-26 05:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-30 21:22 - 2017-11-26 05:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-30 21:22 - 2017-11-26 05:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-30 21:22 - 2017-11-26 05:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-30 21:22 - 2017-11-26 05:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-30 21:22 - 2017-11-26 05:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-30 21:22 - 2017-11-26 05:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-30 21:22 - 2017-11-26 05:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-30 21:22 - 2017-11-26 05:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-30 21:22 - 2017-11-26 05:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-30 21:22 - 2017-10-24 23:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-30 21:22 - 2017-10-24 23:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-30 21:22 - 2017-10-24 22:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-30 21:22 - 2017-10-24 22:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-30 21:22 - 2017-10-24 22:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-30 21:22 - 2017-10-24 22:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-30 21:22 - 2017-10-24 22:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-30 21:22 - 2017-10-24 22:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-30 21:22 - 2017-10-24 22:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-30 21:22 - 2017-10-24 22:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-30 21:22 - 2017-10-24 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-30 21:22 - 2017-10-24 22:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-30 21:22 - 2017-10-24 21:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-30 21:22 - 2017-10-10 01:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-30 21:22 - 2017-10-10 01:43 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-30 21:22 - 2017-10-10 01:06 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-30 21:22 - 2017-10-10 00:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-30 21:22 - 2017-10-10 00:43 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-30 21:22 - 2017-10-10 00:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-30 21:22 - 2017-10-10 00:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-30 21:22 - 2017-10-10 00:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-30 21:22 - 2017-10-10 00:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-30 21:22 - 2017-10-10 00:31 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-30 21:22 - 2017-10-03 17:42 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-30 21:22 - 2017-10-03 17:42 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-30 00:40 - 2017-12-30 00:54 - 000000000 ____D C:\Users\dennis\AppData\Local\PlaceholderTileLogoFolder
2017-12-30 00:39 - 2017-12-30 00:39 - 000000000 ____D C:\Users\dennis\AppData\Local\DBG
2017-12-30 00:06 - 2017-12-30 00:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-30 00:04 - 2017-12-30 00:06 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-30 00:04 - 2017-12-30 00:04 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files\MSBuild
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\inetpub
2017-12-30 00:00 - 2017-09-28 18:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-30 00:00 - 2017-09-28 18:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-30 00:00 - 2017-09-28 18:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-30 00:00 - 2017-09-22 21:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-30 00:00 - 2017-09-22 21:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-30 00:00 - 2017-09-22 21:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 22:47 - 2017-12-29 22:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 22:44 - 2017-12-29 22:44 - 000000020 ___SH C:\Users\dennis\ntuser.ini
2017-12-29 21:46 - 2017-12-29 21:48 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 21:46 - 2017-12-29 21:48 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 21:45 - 2018-01-24 19:05 - 000003246 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFordennis
2017-12-29 21:45 - 2018-01-24 15:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 21:45 - 2018-01-18 13:35 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E3CE43FE-437F-4C77-ADE7-E2A398E9888C}
2017-12-29 21:45 - 2017-12-29 21:46 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3888258802-3760485577-602093225-1001
2017-12-29 21:45 - 2017-12-29 21:46 - 000002620 _____ C:\WINDOWS\System32\Tasks\{735F264A-BDEC-9028-9CAF-09A382A14131}
2017-12-29 21:45 - 2017-12-29 21:45 - 000003626 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered lecit
2017-12-29 21:45 - 2017-12-29 21:45 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-12-29 21:45 - 2017-12-29 21:45 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-29 21:45 - 2017-12-29 21:45 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-29 21:45 - 2017-12-29 21:45 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3888258802-3760485577-602093225-1001
2017-12-29 21:45 - 2017-12-29 21:45 - 000002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 21:45 - 2017-12-29 21:45 - 000002698 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 4630 series
2017-12-29 21:45 - 2017-12-29 21:45 - 000002670 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-12-29 21:45 - 2017-12-29 21:45 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2017-12-29 21:45 - 2017-12-29 21:45 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2017-12-29 21:45 - 2017-12-29 21:45 - 000002456 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3888258802-3760485577-602093225-500
2017-12-29 21:45 - 2017-12-29 21:45 - 000002276 _____ C:\WINDOWS\System32\Tasks\{3BB97903-8DD4-40BE-B4F9-3FD67D6BF10B}
2017-12-29 21:45 - 2017-12-29 21:45 - 000002254 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2017-12-29 21:45 - 2017-12-29 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-12-29 21:45 - 2017-12-29 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-12-29 21:45 - 2017-12-29 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-12-29 21:45 - 2013-09-25 22:35 - 000002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2214855882-1967583563-2463007371-500
2017-12-29 21:45 - 2013-07-19 23:03 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2219834991-2181590956-1059650666-500
2017-12-29 21:32 - 2017-12-29 21:32 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 21:30 - 2017-12-29 21:30 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 21:27 - 2017-12-30 21:32 - 000000000 ____D C:\Users\dennis\AppData\Local\Packages
2017-12-29 21:26 - 2018-01-12 13:08 - 000000000 ____D C:\Users\dennis
2017-12-29 21:26 - 2017-12-29 21:40 - 000000000 ____D C:\Users\Administrator
2017-12-29 21:25 - 2018-01-24 15:38 - 001176206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 21:24 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 21:24 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 21:23 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 21:20 - 2018-01-25 16:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 21:20 - 2018-01-11 18:02 - 000253032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-27 17:48 - 2017-12-27 17:48 - 000000000 ____D C:\Users\dennis\Documents\FeedbackHub
2017-12-23 18:14 - 2017-12-27 16:14 - 000000052 _____ C:\Users\dennis\AppData\Local\s3bmx8gr2a
2017-12-18 13:09 - 2017-12-29 21:51 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-18 12:13 - 2017-12-24 19:13 - 000000052 _____ C:\Users\dennis\AppData\Local\ubIjQrYzgN
2017-11-18 00:48 - 2018-01-24 19:05 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleFordennis.job
2017-11-13 14:52 - 2017-12-30 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-13 14:50 - 2017-12-30 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-13 14:50 - 2017-11-13 14:50 - 000000000 ____D C:\Program Files\iTunes
2017-11-13 14:50 - 2017-11-13 14:50 - 000000000 ____D C:\Program Files\iPod
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-25 17:01 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-25 16:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-25 15:13 - 2017-02-07 22:13 - 000000000 ____D C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}
2018-01-24 15:35 - 2014-01-14 18:38 - 000000000 ____D C:\Users\dennis\Documents\Youcam
2018-01-24 15:34 - 2016-11-06 20:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-24 15:34 - 2014-07-20 22:29 - 000000000 __SHD C:\Users\dennis\IntelGraphicsProfiles
2018-01-24 15:31 - 2017-09-29 03:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-18 17:55 - 2016-04-14 14:05 - 000000000 ___RD C:\Users\dennis\Documents\Scanned Documents
2018-01-18 13:21 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-18 12:23 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-16 00:14 - 2017-02-23 00:14 - 000000562 _____ C:\Users\dennis\AppData\Roaming\WB.CFG
2018-01-14 15:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-12 21:58 - 2016-02-18 11:00 - 000000000 ____D C:\Users\dennis\AppData\Local\TomTom
2018-01-12 21:55 - 2016-02-18 11:00 - 000000984 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2018-01-12 21:54 - 2013-09-25 22:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-12 21:53 - 2016-02-18 10:59 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect
2018-01-11 18:04 - 2016-04-14 11:18 - 000000000 ___RD C:\Users\dennis\3D Objects
2018-01-11 18:04 - 2015-09-10 00:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-11 18:00 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-11 08:56 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-11 08:53 - 2017-09-29 08:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-11 08:53 - 2017-09-29 08:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-10 22:37 - 2016-01-25 21:06 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 22:29 - 2015-07-24 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 22:26 - 2017-10-11 09:54 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 22:25 - 2015-07-24 12:50 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 22:14 - 2017-02-07 22:14 - 000000000 ____D C:\Users\dennis\AppData\Local\Karecagot
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-01-10 21:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-01-10 21:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-01-10 21:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-01-10 21:47 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-01-10 21:47 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-01-10 21:47 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2017-12-30 21:08 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-30 00:32 - 2016-08-09 13:52 - 000000000 ____D C:\Users\dennis\Desktop\scuba diving photos
2017-12-30 00:20 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-30 00:12 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-30 00:12 - 2017-07-06 20:28 - 000000000 ____D C:\Program Files\UNP
2017-12-30 00:12 - 2017-05-01 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2017-12-30 00:12 - 2017-04-13 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2017-12-30 00:12 - 2016-11-28 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-12-30 00:12 - 2016-11-06 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-12-30 00:12 - 2016-11-06 20:11 - 000000000 ____D C:\Program Files\Intel
2017-12-30 00:12 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-30 00:12 - 2016-04-14 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2015
2017-12-30 00:12 - 2016-02-21 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-30 00:12 - 2016-02-18 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2017-12-30 00:12 - 2016-01-03 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-12-30 00:12 - 2015-07-23 19:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2017-12-30 00:12 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-30 00:12 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-30 00:12 - 2013-07-19 22:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-30 00:12 - 2013-07-19 22:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-12-30 00:12 - 2013-07-19 22:51 - 000000000 ____D C:\WINDOWS\en
2017-12-30 00:12 - 2013-07-19 22:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-12-30 00:12 - 2013-07-19 22:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2017-12-30 00:12 - 2013-07-19 22:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2017-12-30 00:12 - 2013-07-19 22:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-12-30 00:12 - 2013-07-19 22:41 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-12-30 00:11 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-30 00:07 - 2016-11-06 20:11 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2017-12-30 00:06 - 2016-11-06 20:11 - 000000000 ____D C:\Program Files\Realtek
2017-12-30 00:06 - 2016-11-06 20:10 - 000000000 ____D C:\Program Files\Synaptics
2017-12-30 00:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-12-30 00:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-12-30 00:00 - 2017-09-29 08:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-12-30 00:00 - 2017-09-29 08:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-12-30 00:00 - 2017-09-29 08:42 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-12-30 00:00 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-12-30 00:00 - 2017-09-29 08:42 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-12-30 00:00 - 2017-09-29 08:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-12-29 22:46 - 2016-11-25 14:52 - 000000000 ____D C:\Users\dennis\AppData\Local\ConnectedDevicesPlatform
2017-12-29 22:45 - 2015-10-12 20:34 - 000000000 ____D C:\Users\dennis\AppData\Local\TileDataLayer
2017-12-29 21:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 21:48 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 21:46 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-29 21:45 - 2015-08-17 20:55 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 21:40 - 2016-11-06 20:15 - 000998558 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 21:35 - 2016-02-19 19:19 - 000000000 ____D C:\Users\dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PADI Multimedia
2017-12-29 21:32 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 21:30 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 21:27 - 2012-08-03 17:28 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-12-29 21:25 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 21:25 - 2016-11-06 20:12 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-12-29 21:24 - 2016-11-06 20:11 - 000011070 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-12-29 21:24 - 2016-11-06 20:11 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 21:24 - 2016-11-06 20:11 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
==================== Files in the root of some directories =======
2017-02-23 00:14 - 2018-01-16 00:14 - 000000562 _____ () C:\Users\dennis\AppData\Roaming\WB.CFG
2017-12-23 18:14 - 2017-12-27 16:14 - 000000052 _____ () C:\Users\dennis\AppData\Local\s3bmx8gr2a
2017-12-18 12:13 - 2017-12-24 19:13 - 000000052 _____ () C:\Users\dennis\AppData\Local\ubIjQrYzgN
Files to move or delete:
====================
C:\Windows\Tasks\{735F264A-BDEC-9028-9CAF-09A382A14131}.job

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {dc051f48-4546-11e5-824f-806e6f6e6963}
                        {cf469938-4484-11e5-be79-806e6f6e6963}
                        {cf469939-4484-11e5-be79-806e6f6e6963}
timeout                 0
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {feac1b32-ed1f-11e7-a2a6-f6e35240d000}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
Firmware Application (101fffff)
-------------------------------
identifier              {0062363a-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {0062363b-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363c-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363d-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363e-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363f-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623640-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623641-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623643-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {00623644-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {00623645-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623646-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {00623647-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {03b3a9af-7dad-11e3-be75-a0481c1f197d}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb0-30a0-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb1-30a0-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb2-30a0-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb5-30a0-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {80b6f392-8c70-11e3-be7d-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {cf469938-4484-11e5-be79-806e6f6e6963}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {cf469939-4484-11e5-be79-806e6f6e6963}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {cf46993a-4484-11e5-be79-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {d76b7f83-2664-11e3-afa2-d1a4169b59ab}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {d76b7f84-2664-11e3-afa2-d1a4169b59ab}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {dc051f48-4546-11e5-824f-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk
Windows Boot Loader
-------------------
identifier              {00623655-30a4-11e5-9897-bda081313899}
device                  ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{00623656-30a4-11e5-9897-bda081313899}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{00623656-30a4-11e5-9897-bda081313899}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {feac1b34-ed1f-11e7-a2a6-f6e35240d000}
displaymessageoverride  SystemRestore
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {feac1b32-ed1f-11e7-a2a6-f6e35240d000}
nx                      OptIn
bootmenupolicy          Standard
Windows Boot Loader
-------------------
identifier              {feac1b34-ed1f-11e7-a2a6-f6e35240d000}
device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{feac1b35-ed1f-11e7-a2a6-f6e35240d000}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{feac1b35-ed1f-11e7-a2a6-f6e35240d000}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
Resume from Hibernate
---------------------
identifier              {feac1b32-ed1f-11e7-a2a6-f6e35240d000}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {feac1b34-ed1f-11e7-a2a6-f6e35240d000}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
EMS Settings
------------
identifier              {emssettings}
bootems                 No
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
RAM Defects
-----------
identifier              {badmemory}
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
Device options
--------------
identifier              {feac1b35-ed1f-11e7-a2a6-f6e35240d000}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume5
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

LastRegBack: 2018-01-24 15:15
==================== End of FRST.txt ============================


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:45 PM

Posted 26 January 2018 - 08:22 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

:step1:
Please download Malwarebytes Anti-Malware from here
  • Right-click on the MBAM icon and select Run as administrator to run the tool.
  • Click Yes to accept any security warnings that may appear.
  • Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.
  • On the left menu pane click the Settings tab, and then select the Protection tab on the top.
  • Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.
  • Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button
  • Note: The scan may take some time to finish, so please be patient.
  • If potential threats are detected, ensure to checkmark all the listed items, and click the Quarantine Selected button.
  • While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log can also be viewed by clicking the log to select it, then clicking the View Report button.
Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

:step2:
Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Please run the Farbar program and post a fresh FRST.TXT log.
Include also the Addition.txt file that was previously created by the program.

Post the logs and let me know what problems you are having with this computer.

#3 pylestone

pylestone
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:45 AM

Posted 26 January 2018 - 04:39 PM

Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 1/25/18
Scan Time: 7:12 PM
Log File: 8f56790a-022d-11e8-85e9-a0481c1f197d.json
Administrator: Yes
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.0
License: Free
-System Information-
OS: Windows 10 (Build 16299.192)
CPU: x64
File System: NTFS
User: BIGSUE\dennis
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 422429
Threats Detected: 210
Threats Quarantined: 210
Time Elapsed: 5 min, 31 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 11
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered lecit, Delete-on-Reboot, [63], [308969],1.0.0
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2AC40A0F-FF9E-43DA-BAD2-C8A2851AA151}, Delete-on-Reboot, [63], [308969],1.0.0
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{2AC40A0F-FF9E-43DA-BAD2-C8A2851AA151}, Delete-on-Reboot, [63], [308969],1.0.0
PUP.Optional.WinYahoo, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{f79e5d1c-5148-469e-9f98-a11d8d7863f4}, Delete-on-Reboot, [63], [254682],1.0.0
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Delete-on-Reboot, [63], [388392],1.0.0
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Delete-on-Reboot, [63], [388392],1.0.0
PUP.Optional.WinYahoo, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Delete-on-Reboot, [63], [388392],1.0.0
PUP.Optional.ProductSetup, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\PRODUCTSETUP, Delete-on-Reboot, [14409], [242047],1.0.0
PUP.Optional.SearchManager, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.InstallCore, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\csastats, Delete-on-Reboot, [2], [260986],1.0.0
PUP.Optional.WinYahoo, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{74C99C09-2449-4D89-95C9-3D094549EE89}, Delete-on-Reboot, [63], [302717],1.0.0
Registry Value: 8
PUP.Optional.WinYahoo, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{f79e5d1c-5148-469e-9f98-a11d8d7863f4}|URL, Delete-on-Reboot, [63], [254682],1.0.0
PUP.Optional.WinYahoo, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Delete-on-Reboot, [63], [311488],1.0.0
PUP.Optional.WinYahoo, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Delete-on-Reboot, [63], [388392],1.0.0
PUP.Optional.SearchYa, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|FAVICONPATH, Delete-on-Reboot, [4650], [242794],1.0.0
PUP.Optional.NotChromeRun, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, Delete-on-Reboot, [1413], [391151],1.0.0
PUP.Optional.NotChromeRun, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_F8949DE433A06B1B9BDA2A0B22EC3E7D, Delete-on-Reboot, [1413], [241243],1.0.0
PUP.Optional.ProductSetup, HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\PRODUCTSETUP|TB, Delete-on-Reboot, [14409], [242047],1.0.0
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{2AC40A0F-FF9E-43DA-BAD2-C8A2851AA151}|PATH, Delete-on-Reboot, [63], [308967],1.0.0
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 23
PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\fonts, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\skin\icons, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\_metadata, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\vendor, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\skin, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\_metadata, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\config, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\icons, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\libs, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\USERS\DENNIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL EXTENSION SETTINGS\KPOCJPOIFMOMMOIIIAMEPOMBPEOAEHFH, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\USERS\DENNIS\APPDATA\LOCAL\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}, Delete-on-Reboot, [63], [302717],1.0.0
File: 168
PUP.Optional.WinYahoo, C:\USERS\DENNIS\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Delete-on-Reboot, [63], [254335],1.0.0
PUP.Optional.WinYahoo, C:\WINDOWS\SYSTEM32\TASKS\Yahoo! Powered lecit, Delete-on-Reboot, [63], [308969],1.0.0
PUP.Optional.WinYahoo, C:\WINDOWS\TASKS\Yahoo! Powered lecit.job, Delete-on-Reboot, [63], [308966],1.0.0
PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\sise, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\aowLC, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\desa.txt, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\hdat1, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\hdat2, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\madici, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}\ubIjQ, Delete-on-Reboot, [1202], [343986],1.0.0
PUP.Optional.SearchModule, C:\USERS\DENNIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\LOCAL STORAGE\chrome-extension_nahhmpbckpgdidfnmfkfgiflpjijilce_0.localstorage, Delete-on-Reboot, [676], [453492],1.0.0
PUP.Optional.SearchManager, C:\USERS\DENNIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\USERS\DENNIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\fonts\HelveticaNeue-Thin.otf, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\fonts\HelveticaNeueLT-Roman.woff, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\fonts\neue-bold.woff, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\fonts\neue.woff, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons\128.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons\16.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons\48.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons\close.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons\favicon.ico, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\icons\trends.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\01d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\01n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\02d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\02n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\03d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\03n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\04d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\04n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\09d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\09n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\10d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\10n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\11d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\11n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\13d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\13n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\50d.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\weather\50n.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\hero-bg.jpg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\bing.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\bing_large.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\bluesky-bg.jpg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\brush.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\bt.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\clock.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\cloud.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\cupcake-bg.jpg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\desk-bg.jpg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\doodle.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\down.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\eyeglass.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\google.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\google_large.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\just-the-box-empty.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\just-the-box.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\mountain-bg.jpg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\pointer2.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\radio-selected.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\radio-unselected.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\sea-bg.jpg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\settings.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\star-unselected.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\star.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\toggle-off.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\toggle-on.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\transparent_img.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\yahoo.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\yahoo.svg, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\images\yahoo_large.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\content\bundle.v0.0.1.min.css, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\skin\icons\16.png, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\vendor\md5.min.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\vendor\react-dom.min.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\vendor\react-with-addons.min.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\vendor\underscore-min.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\_metadata\verified_contents.json, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\2bfc185be71f44cd73ac81511fc1f5a5.woff, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\b495e340f4ef8924fea0284c1bf9e7ac.woff, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\background.html, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\background.v0.0.1.min.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\c5a5cbf4dbcaa7064f2bc77f52101aec.otf, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\client.v0.0.1.min.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\common.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\e5d3501d500d07b0a1e952b0f8a81d78.woff, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\e_.json, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\index.html, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\manifest.json, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\popupTab2.html, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\popupTab2.js, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.SearchManager, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce\10.1.2.53_0\responseConfig.json, Delete-on-Reboot, [529], [440037],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\000003.log, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\CURRENT, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\LOCK, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\LOG, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\LOG.old, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\MANIFEST-000001, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\USERS\DENNIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\USERS\DENNIS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\config\config.json, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\icons\icon128.png, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\icons\icon16.png, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\icons\icon19disabled.png, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\icons\icon19on.png, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\icons\icon48.png, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\ajax.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\background.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\chrome.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\content_script.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\dlp.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\dlpHelper.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\dynamicNewTab.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\extension_detect.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\index.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\logger.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\pageUtils.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\storage.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\TabManager.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\TemplateParser.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\ul.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\urlFragmentActions.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\urlUtils.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\util.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\js\webtooltabAPI.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\libs\PartnerId.js, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\_metadata\computed_hashes.json, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\_metadata\verified_contents.json, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\dynamicNewTab.html, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh\13.300.12.6698_0\manifest.json, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\000003.log, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\CURRENT, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\LOCK, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\LOG, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\LOG.old, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.MindSpark, C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\kpocjpoifmommoiiiamepombpeoaehfh\MANIFEST-000001, Delete-on-Reboot, [260], [389264],1.0.0
PUP.Optional.WinYahoo, C:\USERS\DENNIS\APPDATA\LOCAL\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HOWTOREMOVE\HOWTOREMOVE.HTML, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\chromium-min.jpg, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\control panel-min-min.JPG, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\down.png, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\ff menu.JPG, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\ff search engine-min.png, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\hp-min ff.png, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\hp-min ie.png, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\search engine.gif, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\setup pages.gif, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\sp-min.png, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\start-min.jpg, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\HowToRemove\up.png, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\bapi_chmm.dat, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\bapi_ff.dat, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\bapi_ie.dat, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\doso, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\install.log, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\nali, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\rari, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\sino.cfg, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\Sqlite3.dll, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\tido, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\tifi.dat, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\uninst.dat, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\uninst.exe, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.WinYahoo, C:\Users\dennis\AppData\Local\{C05CF600-E4F4-9AB8-896C-BF50AD0443C8}\uninstp.dat, Delete-on-Reboot, [63], [302717],1.0.0
PUP.Optional.BundleInstaller, C:\USERS\DENNIS\DOWNLOADS\ADOBE_FLASH_SETUP (3).EXE, Delete-on-Reboot, [20], [368424],1.0.0
PUP.Optional.BundleInstaller, C:\USERS\DENNIS\DOWNLOADS\ADOBE_FLASH_SETUP.EXE, Delete-on-Reboot, [20], [368416],1.0.0
PUP.Optional.BundleInstaller, C:\USERS\DENNIS\DOWNLOADS\ADOBE_FLASH_SETUP (1).EXE, Delete-on-Reboot, [20], [368416],1.0.0
PUP.Optional.BundleInstaller, C:\USERS\DENNIS\DOWNLOADS\ADOBE_FLASH_SETUP (2).EXE, Delete-on-Reboot, [20], [368416],1.0.0
Physical Sector: 0
(No malicious items detected)

(end)


#4 pylestone

pylestone
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:45 AM

Posted 26 January 2018 - 04:42 PM

# AdwCleaner v4.107 - Report created 15/01/2015 at 19:27:19
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Windows 8.1  (64 bits)
# Username : dennis - BIGSUE
# Running from : C:\Users\dennis\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wiseconvert
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\wiseconvert
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\dennis\AppData\Local\iac
Folder Deleted : C:\Users\dennis\AppData\LocalLow\iac
Folder Deleted : C:\Users\dennis\AppData\Roaming\Advanced System Protector
Folder Deleted : C:\Users\dennis\AppData\Roaming\Systweak
Folder Deleted : C:\Users\dennis\AppData\Roaming\ValueApps
File Deleted : C:\Users\Public\Desktop\eBay.lnk
***** [ Scheduled Tasks ] *****
Task Deleted : Advanced System Protector
Task Deleted : Advanced System Protector_startup
Task Deleted : LaunchApp
***** [ Shortcuts ] *****

***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\FromDocToPDF_65.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{017D68F2-19B3-41AE-9D8A-8B09DBD25479}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3700B685-D795-4E17-9B78-73BCEE5D4086}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E6260AC-BC6F-44B4-942B-1568C367543A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{504B4AA9-9952-4490-B0E1-80A5321C35F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{72D05120-DF65-4C27-921E-899B5267FEF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE84501A-2CB6-41D6-B3A7-9679BDBDFA0B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AFA196F4-80E5-47AD-B7BC-C671487D36FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B7FD68F7-D28B-431E-9EE8-E45D915B7F17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD1D181E-C654-4CA5-9D09-B3648537FD7D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1747AE4D-0A83-4336-84D4-48500BF1554F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2C9D27D8-C81E-4968-8026-E725E01650C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BB1BA04-1B88-4690-9AD3-0D38412F5FF1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EFEC319-72E8-42AA-AC38-8CF8A0661CDD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D8AEB1D-4ED4-44AC-A039-4775B2575DB0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6191571E-F7EE-47C3-B229-2DFAC70DB5D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74C02D12-FAEE-4834-80D2-5B7D2480AD61}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{840AE8AE-D547-433E-985C-6BF6C74F5084}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BF6FDBB8-7CD5-402D-AB4F-E4F13D3490C8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E3CDDB72-3ADC-4920-B42B-68A8C29FA942}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC7E25D7-4681-46A3-AF5A-9A1B865783ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CBBEA4B9-B183-47AC-8B1F-FD526AC99A8D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E1C4699E-5E74-4F30-A4A2-378E45D44F07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FC2B119B-2352-4E7A-9197-B9E1BBADE61B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{701F5C41-BB30-46DA-A56B-68784B0B762B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3B975A0-F679-444E-9D94-6D292FA53140}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0C3A839-0E5E-4EBC-9F8F-E56F8FC732CE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4C60E5AB-5C68-4C59-ABAA-885010B24B32}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{C66A678D-5E6C-4AF9-8F57-C6192F42CF74}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9A216821-0EC5-49A3-85AC-FB72AE79A1E8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E150D512-4EB7-4D3A-A916-B362D8EAA319}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Firefox
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FromDocToPDF_65bar Uninstall Internet Explorer
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v39.0.2171.95
[C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lcnnhcneegeeojhgpfijnlnocjdmlaon
*************************
AdwCleaner[R0].txt - [9499 octets] - [15/01/2015 19:25:10]
AdwCleaner[S0].txt - [9137 octets] - [15/01/2015 19:27:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9197 octets] ##########
# AdwCleaner v4.208 - Logfile created 23/07/2015 at 18:15:56
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 8  (x64)
# Username : dennis - BIGSUE
# Running from : C:\Users\dennis\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****

***** [ Files / Folders ] *****
File Deleted : C:\Users\Public\Desktop\eBay.lnk
***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****
Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Web browsers ] *****
-\\ Internet Explorer v10.0.9200.16537

*************************
AdwCleaner[R0].txt - [10461 bytes] - [15/01/2015 17:25:10]
AdwCleaner[R1].txt - [840 bytes] - [15/01/2015 17:54:14]
AdwCleaner[S0].txt - [10132 bytes] - [15/01/2015 17:27:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10192  bytes] ##########

 

# AdwCleaner 7.0.7.0 - Logfile created on Fri Jan 26 00:24:25 2018
# Updated on 2018/18/01 by Malwarebytes
# Database: 01-16-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\CoinisRevShare
PUP.Optional.Legacy, [Key] - HKCU\Software\CoinisRevShare
PUP.Optional.DriverAgent, [Key] - HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\download.driversupport.com
PUP.Optional.DriverAgent, [Key] - HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\driversupport.com

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [10273 B] - [2015/1/16 0:27:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wiseconvert\uninstall.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\wiseconvert\uninstall.lnk.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\wiseconvert\WiseConvert.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\wiseconvert\WiseConvert.lnk.vir
C:\Program Files (x86)\wiseconvert\uninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\uninstall.exe.vir
C:\Program Files (x86)\wiseconvert\WiseConvert\wise-convert.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\WiseConvert\wise-convert.exe.vir
C:\Program Files (x86)\wiseconvert\WiseConvert\res\loading.gif->C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\WiseConvert\res\loading.gif.vir
C:\Program Files (x86)\wiseconvert\WiseConvert\res\wise-convert.ico->C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\WiseConvert\res\wise-convert.ico.vir
C:\Users\Public\Desktop\eBay.lnk->C:\AdwCleaner\Quarantine\C\Users\Public\Desktop\eBay.lnk.vir
C:\Users\Public\Desktop\eBay.lnk->C:\AdwCleaner\Quarantine\C\Users\Public\Desktop\eBay.lnk.vir
 



#5 pylestone

pylestone
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:45 AM

Posted 26 January 2018 - 04:43 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018
Ran by dennis (administrator) on BIGSUE (25-01-2018 17:08:31)
Running from F:\
Loaded Profiles: dennis (Available Profiles: dennis & Administrator)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyScn\Brother\BrStMonScn.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyScn\ScannerStatusMonitorService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(The Chromium Authors) C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-11-13] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [393200 2017-10-20] ()
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-09-25] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrScnStsMon00] => C:\Program Files (x86)\BrownyScn\Brother\BrStMonScn.exe [3048448 2013-05-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [HP Officejet 4630 series (NET)] => C:\Program Files\HP\HP Officejet 4630 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1976040 2018-01-03] (TomTom)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [Chromium] => c:\users\dennis\appdata\local\chromium\application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\...\Run: [GoogleChromeAutoLaunch_F8949DE433A06B1B9BDA2A0B22EC3E7D] => C:\Users\dennis\AppData\Local\chromium\Application\chrome.exe [828416 2017-01-20] (The Chromium Authors)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{7d1215bc-4196-430b-8211-f9ca0151e59e}: [DhcpNameServer] 192.168.2.1 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{c4ffbd94-3490-4c1e-85d8-bd4498976c59}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_coinisre_17_06_ssg01&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtC0FtCzyyB0Dzy0E0FyCtN0D0Tzu0StCzzyCyEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0DzztC0AtDyDtDtGyByE0CtDtG0DtB0E0BtGyCyDzyzytGyD0DyEtAtC0AtAyD0EtByDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtA0EtAyCyCyCtGtCyBtD0DtGyE0DtD0FtGzy0ByEzytG0B0C0ByDyCzztByD0EyDyDzy2QtN0A0LzuyE%26cr%3D1311317759%26a%3Dwnf_coinisre_17_06_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {1B460A68-29B0-489F-893D-15C01F601B98} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {1B460A68-29B0-489F-893D-15C01F601B98} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_851a73ac8455b40bf3&param1=ArFaIWJoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVU9ISoUvmk9JaYWwVNdImIWvmo4JqYVvmpdIGYTvFM9GqYVNUI3wGYGwVM3vmk3vmo9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI4ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVvFQ9JmoUvFNdIWYYNVI9I6IWvFI3vmoUwVxdJCIWvmk3vCISwVM4JmoWNVM9I6IXNVRdICIWwVQ4JaYWvmo9JmIWvFM4JqQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVA9J6IYNVE9JCoWvFM4J6ISwVM4JmIVNVI9I6oUNVI9IWYTwVw3vGYXvFE3vCISNVRdJaYXvFI4J6k3wVQ4IWYUvFI4ISk4NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGJaLWVaMGF6QGR7BHFaISopzU0aCaV6CaZ4C78kBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D&param2=NqZbLGt7MGN%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_851a73ac8455b40bf3&param1=ArFaIWJoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVU9ISoUvmk9JaYWwVNdImIWvmo4JqYVvmpdIGYTvFM9GqYVNUI3wGYGwVM3vmk3vmo9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI4ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVvFQ9JmoUvFNdIWYYNVI9I6IWvFI3vmoUwVxdJCIWvmk3vCISwVM4JmoWNVM9I6IXNVRdICIWwVQ4JaYWvmo9JmIWvFM4JqQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVA9J6IYNVE9JCoWvFM4J6ISwVM4JmIVNVI9I6oUNVI9IWYTwVw3vGYXvFE3vCISNVRdJaYXvFI4J6k3wVQ4IWYUvFI4ISk4NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGJaLWVaMGF6QGR7BHFaISopzU0aCaV6CaZ4C78kBrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D&param2=NqZbLGt7MGN%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {1B460A68-29B0-489F-893D-15C01F601B98} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_coinisre_17_06_ssg01&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtC0FtCzyyB0Dzy0E0FyCtN0D0Tzu0StCzzyCyEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0DzztC0AtDyDtDtGyByE0CtDtG0DtB0E0BtGyCyDzyzytGyD0DyEtAtC0AtAyD0EtByDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtA0EtAyCyCyCtGtCyBtD0DtGyE0DtD0FtGzy0ByEzytG0B0C0ByDyCzztByD0EyDyDzy2QtN0A0LzuyE%26cr%3D1311317759%26a%3Dwnf_coinisre_17_06_ssg01%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR NewTab: Default ->  Active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/dynamicNewTab.html", Not-active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/stubby.html"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default [2017-10-19]
CHR Extension: (Slides) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Docs) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Google Drive) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2016-01-25]
CHR Extension: (YouTube) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-25]
CHR Extension: (Google Search) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-25]
CHR Extension: (Sheets) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-06]
CHR Extension: (Norton Identity Safe) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-01-25]
CHR Extension: (EasyPDFCombine) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2017-10-19]
CHR Extension: (Search Manager) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-19]
CHR Extension: (Gmail) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-25]
CHR Extension: (Chrome Media Router) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-19]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-25] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-25] (CyberLink)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-11-13] (Realtek Semiconductor)
R3 ScannerStatusMonitorService; C:\Program Files (x86)\BrownyScn\ScannerStatusMonitorService.exe [276992 2013-05-08] (Brother Industries, Ltd.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-28] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-28] (Symantec Corporation)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S1 MpKsl2a2ccae3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsl2a2ccae3.sys [58120 2018-01-18] () [File not signed]
R1 MpKsle39c5e55; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsle39c5e55.sys [58120 2018-01-24] (Microsoft Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
========================== Drivers MD5 =======================
C:\WINDOWS\System32\drivers\1394ohci.sys 08312DEEF0D3F8647AA53AD90A69094E
C:\WINDOWS\System32\drivers\3ware.sys 645009E711BBF117CCEE917A03FB0CDD
C:\WINDOWS\system32\DRIVERS\Accelerometer.sys B8712F335FAC6605A23B161B0653FA2E
C:\WINDOWS\System32\drivers\ACPI.sys 69481E5474C7E61CDB3FE6A8A0F3B1B4
C:\WINDOWS\System32\drivers\AcpiDev.sys 44EA35A4B397898A83BF1B9B4B8DAE35
C:\WINDOWS\System32\Drivers\acpiex.sys 91D113A1532B8AB1E25B7DE5AB3C2F83
C:\WINDOWS\System32\drivers\acpipagr.sys 620BB2682BA625DF037072D89F44F6EE
C:\WINDOWS\System32\drivers\acpipmi.sys B9805A3C479390CEAEA5AEF5E4A90A2E
C:\WINDOWS\System32\drivers\acpitime.sys ABD4EB55C661143B015BD0B9B47B235C
C:\WINDOWS\System32\drivers\ADP80XX.SYS 8C58BD711FAD5F11E8CFDBC5CED973A5
C:\WINDOWS\system32\drivers\afd.sys 7AE4EBDC221235BF9E1008B515C0B8DB
C:\WINDOWS\System32\DRIVERS\ahcache.sys 56166D110D3ECFFC595E5FA02D9BA491
C:\WINDOWS\System32\drivers\amdk8.sys 62619E31AFF88F906A7E793AC4A9FF51
C:\WINDOWS\System32\drivers\amdppm.sys 735142DD039BEB35632765C41FC6E397
C:\WINDOWS\System32\drivers\amdsata.sys F1C16AABA27E9E153AEC7BD2AB853F30
C:\WINDOWS\System32\drivers\amdsbs.sys C834D0F1ECB8473E9E6D18EE1BCEECB2
C:\WINDOWS\System32\drivers\amdxata.sys 49203D2FFE30CBB36BE66A0E70F3D954
C:\WINDOWS\System32\drivers\appid.sys 3692C75C47285D388C886D162F54C430
C:\WINDOWS\System32\drivers\applockerfltr.sys 1E085E2302D568F0CE041732B3E887B0
C:\WINDOWS\System32\drivers\arcsas.sys B42C83DE28776B80DBA1310C56DD4F74
C:\WINDOWS\System32\drivers\asyncmac.sys C2151380227CD1F7DDA2401C1F151367
C:\WINDOWS\System32\drivers\atapi.sys 6191B9B2EE0E8CB957C683B9B341CC86
C:\WINDOWS\System32\drivers\bxvbda.sys A921805C1ED3253DF48FCA4D724173EB
C:\WINDOWS\System32\drivers\bam.sys 763CF81762483E244BAEB83DEFFC53F3
C:\WINDOWS\System32\drivers\BasicDisplay.sys 2A7267AA15E508F6D05A5B562F1FD1CE
C:\WINDOWS\System32\drivers\BasicRender.sys 2E1EE0F10FAF1250D1AC05BFB0E6BD3D
C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7
C:\Windows\System32\Drivers\Beep.sys EDDAA3A563E7EB71C991FE91249C7D81
C:\WINDOWS\System32\DRIVERS\bowser.sys D030A1203680D66716F4E74053468627
C:\WINDOWS\system32\DRIVERS\BrSerIb.sys 63A00CDBEB300522C49EC7CA77324060
C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys BBCFD6C6EF66449F55AF1BFDB08C9B12
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys A4863B7B1F0DB513D6E34547BACC211A
C:\WINDOWS\System32\drivers\bthhfenum.sys 9C9EE272C11252C651C5DE6A1AC1EDAA
C:\WINDOWS\System32\drivers\BthHFHid.sys 69734E386826ED857C889330F35B4D9C
C:\WINDOWS\System32\drivers\bthmodem.sys A94AFAEA86F5F792BB4ECA095B231464
C:\WINDOWS\System32\drivers\bttflt.sys 39E7437FC59CDD7A303ABD514E462E8B
C:\WINDOWS\System32\drivers\buttonconverter.sys 522888590B0C19BC8128119060AE7901
C:\WINDOWS\System32\drivers\CAD.sys 2AB01CE5E233A6FBA3E91BD57772AA4B
C:\WINDOWS\System32\drivers\capimg.sys F6F97879F53AD57194C6BC8272FD73EA
C:\WINDOWS\System32\DRIVERS\cdfs.sys 9E82A95D77AC78C84BA75FF896B060BF
C:\WINDOWS\System32\drivers\cdrom.sys 6D83565C1652E80447EDEA6947FA89D7
C:\WINDOWS\System32\drivers\cht4sx64.sys D81954CE5E016FD716EDDB2B2FD9BA58
C:\WINDOWS\System32\drivers\cht4vx64.sys F9A8570805807FFD66488F0A858E1308
C:\WINDOWS\System32\drivers\circlass.sys 9798D58461706930190F1F2F6BF21D80
C:\WINDOWS\System32\drivers\cldflt.sys 3B5973C9D50DE90CEB6D7DC85216AA86
C:\WINDOWS\System32\drivers\CLFS.sys 59D46CE57A49353A733D162DBA65A4FA
C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 3E76A1547F2448BCEE3D2F4AE3931AB5
C:\WINDOWS\system32\DRIVERS\clwvd.sys 39F71BF21E7F8EBE9B4810BC95EE26D6
C:\WINDOWS\System32\drivers\CmBatt.sys 2BA3BA38B5A6A667B0EAEC477276707B
C:\WINDOWS\System32\Drivers\cng.sys B3CC988A9D8B8EC66ED2B7B7B3413652
C:\WINDOWS\System32\DRIVERS\cnghwassist.sys C65AF00EF12A1755E7CA370B0C71935D
C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys A50300498D56B2448F3593D25478D508
C:\WINDOWS\System32\drivers\condrv.sys 65602B0DB49199647FECB2D1212147BE
C:\WINDOWS\System32\drivers\dam.sys 72BE43ABD786E86AAE7EA2193201E100
C:\WINDOWS\System32\Drivers\dfsc.sys 9910E9CFF5ECDCB225F82E72CE9DE459
C:\WINDOWS\System32\drivers\disk.sys 811173C821171BB910219E53C7FD97AD
C:\WINDOWS\System32\drivers\dmvsc.sys 569FE16775E15A49DC904DE20BF8CAA0
C:\WINDOWS\System32\drivers\drmkaud.sys F4800922F4ABA619585CE320A72E6389
C:\WINDOWS\System32\drivers\dxgkrnl.sys 0DF6B436F579E1DD23C8EBD61EE749E8
C:\WINDOWS\System32\drivers\evbda.sys C99D40C97841E0A7F0F90B8629593A97
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 93EA893A8C2C561648A559E48C723412
C:\WINDOWS\System32\drivers\EhStorClass.sys 260BBD6B1ED06298E509B452354EDB91
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys F3BEBDC1B9DBA32F183079EAE6244837
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 8400C9E33B68C556BF63AEF490EB145C
C:\WINDOWS\System32\drivers\errdev.sys 1B63CA857FD03FD0A5A1379F2996784F
C:\Windows\System32\Drivers\exfat.sys F1ACA42D448E3986565EA54275EEEA65
C:\Windows\System32\Drivers\fastfat.sys 0AF4B36754A6EAE794EE4398E219A9E1
C:\WINDOWS\System32\drivers\fdc.sys 7CD8426A33F06EB72BFEC51F7C264AF8
C:\WINDOWS\System32\drivers\filecrypt.sys DE51BBBCF358188F9736F031546F9908
C:\WINDOWS\System32\drivers\fileinfo.sys 822F664952B0F8D11BB6BD2F11779602
C:\WINDOWS\System32\drivers\filetrace.sys 5A4935682A0D47A4EAC4BE3C2ACF74D6
C:\WINDOWS\System32\drivers\flpydisk.sys 60641F22D1D38EAD197C25F0339C9712
C:\WINDOWS\System32\drivers\fltmgr.sys 56F9EAA7099159759B2F6C523007A13F
C:\WINDOWS\System32\drivers\FsDepends.sys 5D8A0E58E3F82583697E3F07052435AA
C:\Windows\System32\Drivers\Fs_Rec.sys BB82CC2F51F7C3D5DCD13FA3B040D8F8
C:\WINDOWS\System32\DRIVERS\fvevol.sys 69C669540A850553AF9589DB05A2A7D0
C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\WINDOWS\System32\drivers\vmgencounter.sys 3B5DDF1061930A0A891FA63DB0CB878B
C:\WINDOWS\System32\drivers\genericusbfn.sys 8B34E3F794F652082D7E8AF112F71681
C:\WINDOWS\System32\Drivers\msgpioclx.sys 127C23F4720C8902A3AB0FEE12205317
C:\WINDOWS\System32\drivers\gpuenergydrv.sys C7DEA3458E50B691E69EFF0B47CBCCDB
C:\WINDOWS\System32\drivers\HDAudBus.sys 99A34FD1F6431A10D8C3BB50E170D0F2
C:\WINDOWS\System32\drivers\HidBatt.sys 2443FC6EEB9CF092B62127D867901B02
C:\WINDOWS\System32\drivers\hidbth.sys 205043CDC16ADE85E252DD54AE925161
C:\WINDOWS\System32\drivers\hidi2c.sys B521DDDC9038C066B1B957BF063A531A
C:\WINDOWS\System32\drivers\hidinterrupt.sys 5AC0EBFA76E93273A806176D3178E986
C:\WINDOWS\System32\drivers\hidir.sys 366AC0E05EBF5D5C375F65CD8BC7F0DF
C:\WINDOWS\System32\drivers\hidusb.sys 7CB54D02746024648FCE184FC3F941FF
C:\WINDOWS\System32\DRIVERS\hpdskflt.sys 38ED231A9E3176E1E0272BF5AD4860E8
C:\WINDOWS\System32\drivers\HpSAMD.sys 835FB95D85D362057A72D21A48C2C7F8
C:\WINDOWS\System32\drivers\HTTP.sys 717D6E92D0143BCC4C36976BFFD94753
C:\WINDOWS\System32\drivers\hvservice.sys 9F2CFC90306532866C62BDCDFD2532AA
C:\WINDOWS\System32\Drivers\mshwnclx.sys 3737FE486929AFC48F1D10677B698E52
C:\WINDOWS\System32\drivers\hwpolicy.sys 3C65EBF7F1BFD98426C355D66876ECEE
C:\WINDOWS\System32\drivers\hyperkbd.sys 7E00234C67A322988AFEA717D5609C9E
C:\WINDOWS\System32\drivers\HyperVideo.sys FBF5BB641DE99AE1DF4835E88D4F8993
C:\WINDOWS\System32\drivers\i8042prt.sys 56FF074E50F9042FD2856AB3418F4B18
C:\WINDOWS\System32\drivers\iagpio.sys B5EC43755E62591197DE5CBBDAA9FEB7
C:\WINDOWS\System32\drivers\iai2c.sys D8CA23F9C5FEF44296FDE1E005C06EC0
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 7B769C9D19C013F94874C4B15D59A005
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys E0F1B3A2A70FABE3BE1C9140BB55E607
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 89A869BCC0588A3009ECB875B09ECD39
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 2E693DF3C02A0859DB8DE25772751100
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
C:\WINDOWS\System32\drivers\iaStorA.sys 0A34D806EF2767E62CAFEA1A150A8830
C:\WINDOWS\System32\drivers\iaStorAV.sys 435883A27A376B125BD4DF888417C85F
C:\WINDOWS\System32\drivers\iaStorV.sys 7118E4390C4ACDE61E280CE52BCAF44E
C:\WINDOWS\System32\drivers\ibbus.sys 9DBE8C359ABACE1BE1BBAB687D114506
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 32F5DCDDC3D4DF6DDA96CD29C8FC51A4
C:\WINDOWS\System32\drivers\IndirectKmd.sys 42CAF6216A6E516DC56BA319ACC7EEC5
C:\WINDOWS\system32\drivers\intelaud.sys 5950F69F9B345952F3C2275C39EA393B
C:\WINDOWS\system32\drivers\RTKVHD64.sys 09BA0096C574C5600B6A7A8D7049A7E4
C:\WINDOWS\system32\DRIVERS\IntcDAud.sys E300D1E37B737ED14F7A08CD5604E5D9
C:\WINDOWS\System32\drivers\intelide.sys 40943C1CD031ACE06A8374AD56B9E5EA
C:\WINDOWS\System32\drivers\intelpep.sys 327D9CCF5492543AEF3979F9EEAD02BE
C:\WINDOWS\System32\drivers\intelppm.sys 10F2757836F41BFAEA2AE19F6FE869B2
C:\WINDOWS\System32\drivers\invdimm.sys 8387E90B551B9B7F32EDC69909591E9E
C:\WINDOWS\System32\drivers\iorate.sys E207078E0E1BB3524277DB9077E4148E
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys FD8F64B7B345E539F2EA7F72846F83B4
C:\WINDOWS\System32\drivers\IPMIDrv.sys 8AAB863E72A4F9C578FED2EE3541545B
C:\WINDOWS\System32\drivers\ipnat.sys 7BEC2AF23F586EFF0DB4DBF4331B0C70
C:\WINDOWS\System32\drivers\ipt.sys 35A54F19E703D4FE5919F812F6CC5D0A
C:\WINDOWS\system32\drivers\irda.sys 359CDDBC825959DA28FA886B3C271B53
C:\WINDOWS\System32\drivers\irenum.sys F88664A2A82DDA456180FFF95A771765
C:\WINDOWS\System32\drivers\isapnp.sys 2296B158C43C306B0AC5B4D57EA9F0E1
C:\WINDOWS\System32\drivers\msiscsi.sys 2DC0765992CFECE3B13F3BFD20E69DCC
C:\WINDOWS\System32\drivers\iwdbus.sys F1D3A377ED9BA1CA449824C41CAF104C
C:\WINDOWS\System32\drivers\kbdclass.sys E320F986BBE0CD9324EA0A193EBF29B1
C:\WINDOWS\System32\drivers\kbdhid.sys AFF5DDCC1A79217C9526FF5E01A69E89
C:\WINDOWS\System32\drivers\kdnic.sys 916E62AF3386F7A74603E5C545F6FF2D
C:\WINDOWS\System32\Drivers\ksecdd.sys 69FA8BEBADF807089FEFCD3F59CFAC1E
C:\WINDOWS\System32\Drivers\ksecpkg.sys C1081E2B36F77781167FD9401119B98E
C:\WINDOWS\system32\drivers\ksthunk.sys DD8C4726127CFE313233372D70787C37
C:\WINDOWS\System32\drivers\lltdio.sys CB5A6E117502156794F0DA9E61506006
C:\WINDOWS\System32\drivers\lsi_sas.sys 20048BEE892138A745B1C23EBB0E069F
C:\WINDOWS\System32\drivers\lsi_sas2i.sys 9EAB16572B576979D585DDEDB12417CD
C:\WINDOWS\System32\drivers\lsi_sas3i.sys 3B7B359C0870317106DF3438D4FF491D
C:\WINDOWS\System32\drivers\lsi_sss.sys 2DE03BA338A4B0ACDB416A30F1C7D56F
C:\WINDOWS\system32\drivers\luafv.sys 9A497169E145FCE2D8AA7DBC67377F64
C:\WINDOWS\System32\drivers\mausbhost.sys BF56CB9D02DEE8CA9CBA50220BE16F15
C:\WINDOWS\System32\drivers\mausbip.sys 01BDEE1FFF6D2216797DFEE4ABD937D9
C:\WINDOWS\System32\drivers\megasas.sys C7B8B5053D646CBD30BE1BA6B487D396
C:\WINDOWS\System32\drivers\MegaSas2i.sys EB8ED3204499DDB2D3BA094A4563EE3E
C:\WINDOWS\System32\drivers\megasr.sys F1C1D4E752DE1D58295040E5BE8813AF
C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys E0EF6C1399A9B1AAA0B28590411BED04
C:\WINDOWS\System32\drivers\mlx4_bus.sys 16B078D1089FEA98710C9D07C152DCEE
C:\WINDOWS\system32\drivers\mmcss.sys 20C57CE47B1A877C48A4B68E9A4E21FA
C:\WINDOWS\System32\drivers\modem.sys A4467A5C080318F0CCCF5ED463821F8B
C:\WINDOWS\System32\drivers\monitor.sys 78BE85C1F1C7F3AF6C87BCE127007D5A
C:\WINDOWS\System32\drivers\mouclass.sys 8E262B34A8BD184B4B3025AA8C396B00
C:\WINDOWS\System32\drivers\mouhid.sys C094A555F148495EA130D3BBC5232D5E
C:\WINDOWS\System32\drivers\mountmgr.sys 6434BC884502E95EEA2379C92DD22B60
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsl2a2ccae3.sys FD4BC5A31AE7C81B7D34BB8A78371B6D
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsle39c5e55.sys BF2513029E231BE96D82F7C3ABFF87F4
C:\WINDOWS\System32\drivers\mpsdrv.sys F36E4074C66DD31855A8D79EF0AE8066
C:\WINDOWS\system32\drivers\mrxdav.sys 215D672CB71987CD98EB2298EFB84DDC
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 34898F29BF0E9A84E183046318D17814
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 6537678DEEA2A5B079052D75E21E46DA
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 87FF93E7420C9068C0D5B2F3109809F4
C:\WINDOWS\System32\drivers\bridge.sys 167408B38458ECAE545C57527BC99024
C:\Windows\System32\Drivers\Msfs.sys AE111778CA6AC08862B3C713F0413333
C:\WINDOWS\System32\drivers\msgpiowin32.sys 6DDDFCAB646BBBCFC583135C4430E10F
C:\WINDOWS\System32\drivers\mshidkmdf.sys 01C6A86BEA8279E557A5056148F068BF
C:\WINDOWS\System32\drivers\mshidumdf.sys F65ABC7DE945047147F17330F79732CB
C:\WINDOWS\System32\drivers\msisadrv.sys 05B23012427801E710BDD12720B9020B
C:\WINDOWS\System32\drivers\MSKSSRV.sys B25B2CD3E052D68075A3814AAA0C6421
C:\WINDOWS\System32\drivers\mslldp.sys C3F5EA6B9041A30B4F11BE2E7863E487
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 601D666820F0408B896791D19BE6D258
C:\WINDOWS\System32\drivers\MSPQM.sys 46E61FBA0097E48E5628C74A3F72233A
C:\Windows\System32\Drivers\MsRPC.sys 4EB9B77179BDEE89C496E60D4BF85CC1
C:\WINDOWS\System32\drivers\mssmbios.sys CBD56E0B55FB3672BA80382EC2F8835C
C:\WINDOWS\System32\drivers\MSTEE.sys 5734B2A36D3BB13A638E5305EEEC582D
C:\WINDOWS\System32\drivers\MTConfig.sys 85270E0DC6907C6B99F72A36F17AED34
C:\WINDOWS\System32\Drivers\mup.sys DB5B1539F5EBB3DD3A7ED25ADBC4D6D9
C:\WINDOWS\System32\drivers\mvumis.sys 3C57FF3BCF496D24C39C2198158864BB
C:\WINDOWS\System32\DRIVERS\nwifi.sys 8A9CD53B0FBE679116638120CCBB201E
C:\WINDOWS\System32\drivers\ndfltr.sys 77B047B109CE758A017F58FAE5038D0D
C:\WINDOWS\System32\drivers\ndis.sys 7FF306C78B0DC31192657B47539D5688
C:\WINDOWS\System32\drivers\ndiscap.sys 067AE5BA349CC35AF8975D22DC483DDF
C:\WINDOWS\System32\drivers\NdisImPlatform.sys 6FC4D7EB5D38CFB7966405036116F065
C:\WINDOWS\System32\DRIVERS\ndistapi.sys ED7CC4E16B76B2603C9F827188EA63B4
C:\WINDOWS\System32\drivers\ndisuio.sys 8D977AFC195A3F4B15B05D02B2BD0292
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys DC1D26D62F40B7552BCF49D92774F0C5
C:\WINDOWS\System32\drivers\ndiswan.sys 66F56AC744101DB870934D0EB31C2426
C:\WINDOWS\System32\DRIVERS\ndiswan.sys 66F56AC744101DB870934D0EB31C2426
C:\WINDOWS\System32\DRIVERS\NDProxy.sys 8ABF5B8D5839F8DAE2E0D3165AE732F6
C:\WINDOWS\System32\drivers\Ndu.sys A791792DC412CCD83DA0AF6871682552
C:\WINDOWS\System32\drivers\NetAdapterCx.sys BE79982A50AC88BC0765F3AFECFCB596
C:\WINDOWS\System32\drivers\netbios.sys E899D26A0C2555AC30ACDD526056E51F
C:\WINDOWS\System32\DRIVERS\netbt.sys 7FC54F2AF5EC52C7AC05AD90FFC757E6
C:\WINDOWS\System32\drivers\netvsc.sys 680EB4AEA08EAC80C384E90E430DF16D
C:\Windows\System32\Drivers\Npfs.sys 84EB8F01B140618518AFF30B9951F132
C:\WINDOWS\System32\drivers\npsvctrig.sys 5CB8082E51DE7D19042F0FF8C517CB0D
C:\WINDOWS\System32\drivers\nsiproxy.sys 958921BB7AE2671983743FDA0DD587C4
C:\Windows\System32\Drivers\NTFS.sys E20EC8E25969ABD9F5FED6EDEA57EC0C
C:\Windows\System32\Drivers\Null.sys 0D1E03A5F87F4DE04D97622C686910A2
C:\WINDOWS\System32\drivers\nvdimmn.sys 532F27A2B62D70C327E763F035AED6C1
C:\WINDOWS\System32\drivers\nvraid.sys 7E04652EB1A476BC0A72ECDC613AF0C5
C:\WINDOWS\System32\drivers\nvstor.sys 880B3E874914DAEF97119876543AE117
C:\WINDOWS\System32\drivers\parport.sys 2E07EC2C1622F5E7B535D62DCD61F3AB
C:\WINDOWS\System32\drivers\partmgr.sys 023DDF9DE429B2E6F0BADA72AA98EF8B
C:\WINDOWS\System32\drivers\pci.sys 9BF965EE361849567DB1664BEDFA9569
C:\WINDOWS\System32\drivers\pciide.sys E5AF806815ED797086629741F29E4156
C:\WINDOWS\System32\drivers\pcmcia.sys 2A631D447B988AFBE847CBAA8E5CC298
C:\WINDOWS\System32\drivers\pcw.sys ACD510CF2B631A2D36B2CFB7D31E22FD
C:\WINDOWS\System32\drivers\pdc.sys 1796112EB89559910BC18865A29C8894
C:\WINDOWS\System32\drivers\peauth.sys F21127EDE5D72090A1B029AFF4AFFD17
C:\WINDOWS\System32\drivers\percsas2i.sys 35FD028E4323018202C0B7D115FD3AEF
C:\WINDOWS\System32\drivers\percsas3i.sys F9F3D8BE9BC9241CC726197261362AC4
C:\WINDOWS\System32\drivers\pmem.sys 36D43EA5517F3F4AAAC8EE061C957EF1
C:\WINDOWS\System32\drivers\pnpmem.sys 59048555B59FD69287CFAB6022B5CC86
C:\WINDOWS\System32\drivers\raspptp.sys AACA74DEF7BE3DED322411787494878B
C:\WINDOWS\System32\drivers\processr.sys B1111C47F128C946BDC87A18E44007EB
C:\WINDOWS\System32\drivers\pacer.sys 5818FE76C3C6AE0CA723EBE483BF447F
C:\WINDOWS\system32\drivers\qwavedrv.sys 16F9A6B593B52EB18F7ECB9D251BDF7A
C:\WINDOWS\System32\DRIVERS\ramdisk.sys 13600C467512147E99052806F2C1307A
C:\WINDOWS\System32\DRIVERS\rasacd.sys F57D1DE0C9522BCD590A69D044641B5A
C:\WINDOWS\System32\drivers\AgileVpn.sys ED0EE10911C16AD8B21B9003C90E968F
C:\WINDOWS\System32\drivers\rasl2tp.sys E0220BB6580D34001D4D1D133052DAA4
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 12EE1D92F4E5FAE4B6F65195A2016CE5
C:\WINDOWS\System32\drivers\rassstp.sys 91CE469015979E5B3C3DBC2C41A476E8
C:\WINDOWS\System32\DRIVERS\rdbss.sys 4525664EFB5EB71D4B155405F78D93DB
C:\WINDOWS\System32\drivers\rdpbus.sys 8A5285B38A203D15110E142DE68406DD
C:\WINDOWS\System32\drivers\rdpdr.sys DF83769C92527DB50653F8FB57D001FF
C:\WINDOWS\System32\drivers\rdpvideominiport.sys 4D1A63ACEC42A88E52AFC4E84A8CE9EE
C:\WINDOWS\System32\drivers\rdyboost.sys 12AF835862F2B6B2FB9DEA8BA2288587
C:\Windows\System32\Drivers\ReFS.sys FB0577F6BC9E07549CEACF5224327499
C:\Windows\System32\Drivers\ReFSv1.sys 4136BCA61BCDCC79DCE145F9CB639CD6
C:\WINDOWS\System32\drivers\rhproxy.sys BBC228CA2F96B784B01FE7F1C5E3CFBB
C:\WINDOWS\System32\drivers\rspndr.sys 27B80E5766B114621980F82FB78E912A
C:\WINDOWS\System32\drivers\Rt630x64.sys CFE738C524F35B6E523A4D0F54840C30
C:\WINDOWS\system32\DRIVERS\RtsPer.sys 53FC65C60661B26BB8A47750306FEDF5
C:\WINDOWS\system32\DRIVERS\rtwlane.sys 8245240721FE1614ADA6E4A22CD2FFCD
C:\WINDOWS\System32\drivers\vms3cap.sys F0FA6B67B16EEFDEF8E8AFAD47A4F9B8
C:\WINDOWS\System32\drivers\sbp2port.sys 324FA3C337EB54B43448F7B08444DC8D
C:\WINDOWS\System32\DRIVERS\scfilter.sys 62A33CE69DB508BCEC63F4D3BFF400CE
C:\WINDOWS\System32\drivers\scmbus.sys 7B057373146CC4E5A1F1DA665EA55DC7
C:\WINDOWS\System32\drivers\sdbus.sys 0FB6CCFA52FE5AD0B8D86E8AB370EF34
C:\WINDOWS\System32\drivers\SDFRd.sys 6D3853838864886B4F10B074282772E0
C:\WINDOWS\System32\drivers\sdstor.sys C289832A3174DC9D393C7603C511DF79
C:\WINDOWS\System32\drivers\SerCx.sys 75A27472AFD009255DBDE52038E3BDB5
C:\WINDOWS\System32\drivers\SerCx2.sys 84005F54308109A022413D628E966412
C:\WINDOWS\System32\drivers\serenum.sys 40384793F74CFFA45BCC38DF65E978EC
C:\WINDOWS\System32\drivers\serial.sys 699470AD24D67908991A777716A352FD
C:\WINDOWS\System32\drivers\sermouse.sys 92453F065F52A8EF0328A926B2C9502F
C:\WINDOWS\System32\drivers\sfloppy.sys 1D8920C40F19B5FBA5F4897779840AD1
C:\WINDOWS\System32\drivers\SiSRaid2.sys A871F9CC9CF388DC7193D22EF8D8C8DF
C:\WINDOWS\System32\drivers\sisraid4.sys D30FC341550CC364880950152AE8B1C5
C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys 4193B29035FF31655A2A2D820FDEFCCA
C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys C67697A38E6D646F97EFF462DED68CF3
C:\WINDOWS\System32\drivers\spaceport.sys B2ABF0F8A49752B5CD9DEE2EADF7416A
C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys CCECE7E96B4F7B0E9F0FC82F6DADA917
C:\WINDOWS\System32\drivers\SpbCx.sys 545507AF670BC88B89200A118513ED9A
C:\WINDOWS\System32\DRIVERS\srv.sys 485BABF47A46EB298AB11E447B0D800C
C:\WINDOWS\System32\DRIVERS\srv2.sys 41181D890542EB0E8D9822F73F9FD5D7
C:\WINDOWS\System32\DRIVERS\srvnet.sys 43480B3EE4D23F5AA8EE7C6D83B09487
C:\WINDOWS\System32\drivers\stexstor.sys 162A805E13B3C0DD06AE8B6FC1900156
C:\WINDOWS\system32\DRIVERS\serscan.sys 0690CE515A295BD101415C7E411C43F3
C:\WINDOWS\System32\drivers\storahci.sys DD1F00B80DDD12252B7B228ABCE181A9
C:\WINDOWS\System32\drivers\vmstorfl.sys A12CFAAA0F113A25D8CEFE58B1CBB207
C:\WINDOWS\System32\drivers\stornvme.sys B6F8D1FA73F6E102AEA60D2BBD1DDF78
C:\WINDOWS\System32\drivers\storqosflt.sys 57377953F5688158054BC8CB5A243115
C:\WINDOWS\System32\drivers\storufs.sys B59D29E535AF7E82717C2AD2C57EEC67
C:\WINDOWS\System32\drivers\storvsc.sys 9B431079624306B5659B3B7208A71C75
C:\WINDOWS\System32\drivers\swenum.sys 027B27E4B9DB3931D64159B81BD915A0
C:\WINDOWS\System32\drivers\Synth3dVsc.sys AB15F9FDCD11D5283891BC956E8C5C95
C:\WINDOWS\system32\DRIVERS\SynTP.sys 347F4B8DC1CAA234474AE79BF5207E2B
C:\WINDOWS\System32\drivers\tcpip.sys 9900BD38D592CF4EE6F2EAE3847A24D8
C:\WINDOWS\System32\drivers\tcpip.sys 9900BD38D592CF4EE6F2EAE3847A24D8
C:\WINDOWS\System32\drivers\tcpipreg.sys 74A1BF4093FA7B7D6C9366A39911A78E
C:\WINDOWS\system32\DRIVERS\tdx.sys 571D82ABAC428D902ACA0CF60373C039
C:\WINDOWS\System32\drivers\terminpt.sys B4B68E1DB59456419D9E49645729502A
C:\WINDOWS\System32\drivers\tpm.sys 1658D060057C85DEC82BFCB018C4C22F
C:\WINDOWS\System32\drivers\TsUsbFlt.sys 8D811209E34358EAD3FD8E40F657E59C
C:\WINDOWS\System32\drivers\TsUsbGD.sys 68DE1735FB020AE8948BD7B60F2EBD3B
C:\WINDOWS\System32\drivers\tunnel.sys ACD39B0E5CFDA7B1AB7DF33FC5CC0E46
C:\WINDOWS\System32\drivers\uaspstor.sys 04FC2C7F73AE58BF0DD674164E28A6DF
C:\WINDOWS\System32\Drivers\UcmCx.sys E437FC4B1833F6B745184F78C4921FB8
C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 950A3E42167904CAB9AA64863C31CEB5
C:\WINDOWS\System32\drivers\UcmUcsi.sys 149CBBB74DFC3E52F242029A27B0F8EB
C:\WINDOWS\System32\drivers\ucx01000.sys E6E91B3980A495D2A9D28A09580EA993
C:\WINDOWS\System32\drivers\udecx.sys DACA289DFFA7658C04FEF6DCFA2AA9CE
C:\WINDOWS\System32\DRIVERS\udfs.sys 12383D410AEF99AD6979A8EFD3D61888
C:\WINDOWS\System32\drivers\UEFI.sys AB7FE51D818B6059C2F56FA62268CCAC
C:\WINDOWS\System32\drivers\ufx01000.sys 58447F28E697A93521DD20530A8D50ED
C:\WINDOWS\System32\drivers\UfxChipidea.sys 69ED2D00A7787D9D84E6C90CE0B02B2D
C:\WINDOWS\System32\drivers\ufxsynopsys.sys F061EC57330FBC597A4E7298BE667780
C:\WINDOWS\System32\drivers\umbus.sys D40BCED160D332005AF612E1228825E6
C:\WINDOWS\System32\drivers\umpass.sys 64CF24D7B1FA4975C52A31BF4C82EB73
C:\WINDOWS\System32\drivers\urschipidea.sys ACE4C3B4C7D17B154FFC5BBE5F7A9835
C:\WINDOWS\System32\drivers\urscx01000.sys ECE40EB976A5ACB366808AECF6B235BA
C:\WINDOWS\System32\drivers\urssynopsys.sys EB738F830D3E7EA62A218F101EF91FD4
C:\WINDOWS\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\WINDOWS\System32\drivers\usbccgp.sys B43E28E5CF868517EEC0923AB2BC366B
C:\WINDOWS\System32\drivers\usbcir.sys 1080D80B5F6D249F23BAE1C0C36233A4
C:\WINDOWS\System32\drivers\usbehci.sys EE162DA2C92026A5B96ED89737975AA8
C:\WINDOWS\System32\drivers\usbhub.sys C27FEE9758E3BEDE4D48B5EDBE1122CF
C:\WINDOWS\System32\drivers\UsbHub3.sys 4FA9C956E569D0D380C2859542361780
C:\WINDOWS\System32\drivers\usbohci.sys 44B954306BB2B311E070EDA276FECAB1
C:\WINDOWS\System32\drivers\usbprint.sys EEF26F9034F0608B93D4D239534BB0BA
C:\WINDOWS\System32\drivers\usb80236.sys 034782171B85B5FA747256017949269B
C:\WINDOWS\System32\drivers\usbser.sys 913CFF365DB1803525DBD2AA8B8188B4
C:\WINDOWS\System32\drivers\USBSTOR.SYS 441CAE778B6A1FF6E618E37814A7A52A
C:\WINDOWS\System32\drivers\usbuhci.sys 2D6BB2157B37B2D9DABF8C218F2A805B
C:\WINDOWS\System32\Drivers\usbvideo.sys 68788AE61B2E6A7D97CAD73B632F5BF5
C:\WINDOWS\System32\drivers\USBXHCI.SYS 41E5A6188180DC72BCECA999ED2532D4
C:\WINDOWS\System32\drivers\vdrvroot.sys C77C537077822D8EA529AD4EBFD971D6
C:\WINDOWS\System32\drivers\VerifierExt.sys 9D4EEE333603F3675685F644053499D5
C:\WINDOWS\System32\drivers\vhdmp.sys 9240C24121E3A581F8BC198413AEA06E
C:\WINDOWS\System32\drivers\vhf.sys E10FEBB566E1F0A3936AB304F338637E
C:\WINDOWS\System32\drivers\vmbus.sys 079B4378614A40A308F9C721A50C7B87
C:\WINDOWS\System32\drivers\VMBusHID.sys DC9E0600B356258E31403789119C78A9
C:\WINDOWS\System32\drivers\vmgid.sys B24F74B2710B66F647419697BDB9E163
C:\WINDOWS\System32\drivers\vnvdimm.sys D81F6B790519A60F3D1788B45D04B749
C:\WINDOWS\System32\drivers\volmgr.sys C9052650BBF2124CD525A26D5C2A6671
C:\WINDOWS\System32\drivers\volmgrx.sys 6D6CACED512C1EF1FEAC215E37E3A9BC
C:\WINDOWS\System32\drivers\volsnap.sys 5B27846CF4B1C21AFB3A35A8336BA02F
C:\WINDOWS\System32\drivers\volume.sys 72A95A844D6BAF2924A4C15BEDFD6BCA
C:\WINDOWS\System32\drivers\vpci.sys 702273C7C1BE9D366BAF1305D382F03C
C:\WINDOWS\System32\drivers\vsmraid.sys 075CE3C9E77D2666AFA888951E5F07A9
C:\WINDOWS\System32\drivers\vstxraid.sys 26D00E85BE4726B114335250FCDEDA89
C:\WINDOWS\System32\drivers\vwifibus.sys 3DFDB573E4D49EA8F416B573525B7A86
C:\WINDOWS\System32\drivers\vwififlt.sys A40FA64655AB5B8773A96A821616C5FC
C:\WINDOWS\System32\drivers\vwifimp.sys 0D34F98DBDF09D239533AC345C360F03
C:\WINDOWS\System32\drivers\wacompen.sys 5B5430522E0BDF2A753D758710BE7C5E
C:\WINDOWS\System32\DRIVERS\wanarp.sys 1FC3A8FB032B62A88283BC8113FDF1C5
C:\WINDOWS\System32\DRIVERS\wanarp.sys 1FC3A8FB032B62A88283BC8113FDF1C5
C:\WINDOWS\system32\drivers\wcifs.sys 520E4FD6B5BF5349DD1499F2AEFB7C50
C:\WINDOWS\system32\drivers\wcnfs.sys 9DE3FDFF295F2534DF0A8B6FC4F06355
C:\WINDOWS\System32\drivers\WdBoot.sys 6FD8F1FBED780A7F3DF329C834E52AC5
C:\WINDOWS\System32\drivers\Wdf01000.sys FCC960498E3CD899F0A429F7CF9E77AD
C:\WINDOWS\System32\drivers\WdFilter.sys 7D182F0F227FC141C5D2085175BE05F6
C:\WINDOWS\System32\DRIVERS\wdiwifi.sys 2D50C46EFE924BC24F63A45D2DB1AA3A
C:\WINDOWS\System32\Drivers\WdNisDrv.sys 0D38C257A7B34A818726BA2F323B196E
C:\WINDOWS\System32\drivers\wdnsfltr.sys DF58AA71FBA55E15F572C93447696DEC
C:\WINDOWS\System32\drivers\wfplwfs.sys 8E101DF42D36E04EC610581BA478B38F
C:\WINDOWS\System32\drivers\wimmount.sys C8D3FC38426E990E2787771678B19C6D
C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys 0484B0D01EA6F7017519EBDDBADE759D
C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys 813EE0F4D4B8D599DB1968682D080732
C:\WINDOWS\System32\drivers\winmad.sys E23475E9150E6A50B12DB176EA5CDD56
C:\WINDOWS\System32\drivers\winnat.sys EABEF39BBEEDB3845C36893931DADCD1
C:\WINDOWS\System32\drivers\WinUSB.SYS E92F3539C4758F6A9F4B80CBAC75B3E6
C:\WINDOWS\System32\drivers\winverbs.sys 59126AFCC64270747B5CC9B44A4A48F4
C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys 4F2A80D65AE6F845776E2F06AE6782ED
C:\WINDOWS\System32\drivers\wmiacpi.sys E8C793ED028E132771988760819E3754
C:\Windows\System32\Drivers\Wof.sys 8D6E6F6C233AF450C50FA615530B44D2
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 9EAE1EF282864674355B4B81DF6AE935
C:\WINDOWS\system32\drivers\ws2ifsl.sys 367B3ED0C688AFE28C376B0230814567
C:\WINDOWS\System32\drivers\WSDPrint.sys 7B44553610A89F2011CF69BEA9AFD4CB
C:\WINDOWS\system32\DRIVERS\WSDScan.sys 8068DC839C3729FFC70821FBEF05D5ED
C:\WINDOWS\System32\drivers\WudfPf.sys BD5E68B369DF3453A0A87663C6C5476D
C:\WINDOWS\System32\drivers\WudfRd.sys A86A249314FD0A780214028B0C31A386
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys A86A249314FD0A780214028B0C31A386
C:\WINDOWS\System32\drivers\xboxgip.sys 2244A4CEFE8F9C74091369ACE2E9EBC6
C:\WINDOWS\System32\drivers\xinputhid.sys 4A91B49C6B1E41151D47CB919ADF013A
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-25 16:57 - 2018-01-25 17:08 - 000000000 ____D C:\FRST
2018-01-25 16:28 - 2018-01-25 16:28 - 000000810 _____ C:\Users\dennis\Downloads\3D Objects - Shortcut.lnk
2018-01-18 17:58 - 2018-01-18 17:58 - 000000000 ____D C:\Users\dennis\Desktop\computer repair
2018-01-18 17:55 - 2018-01-18 17:58 - 000000000 ____D C:\Users\dennis\Desktop\scuba
2018-01-18 17:27 - 2018-01-18 17:27 - 000000000 ____D C:\Users\dennis\AppData\Local\GoToAssist Remote Support Customer
2018-01-18 17:27 - 2018-01-18 17:27 - 000000000 ____D C:\Users\dennis\AppData\Local\GoTo Opener
2018-01-12 21:58 - 2018-01-12 21:58 - 000000000 ____D C:\Users\dennis\AppData\Local\cache
2018-01-11 08:51 - 2018-01-01 12:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-11 08:51 - 2018-01-01 07:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-11 08:51 - 2018-01-01 07:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-11 08:51 - 2018-01-01 07:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-11 08:51 - 2018-01-01 07:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-11 08:51 - 2018-01-01 07:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-11 08:51 - 2018-01-01 07:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-11 08:51 - 2018-01-01 07:47 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-11 08:51 - 2018-01-01 07:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-11 08:51 - 2018-01-01 07:45 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-11 08:51 - 2018-01-01 07:45 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-11 08:51 - 2018-01-01 07:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-11 08:51 - 2018-01-01 07:42 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-11 08:51 - 2018-01-01 07:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-11 08:51 - 2018-01-01 07:41 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-11 08:51 - 2018-01-01 07:40 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-11 08:51 - 2018-01-01 07:39 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-11 08:51 - 2018-01-01 07:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-11 08:51 - 2018-01-01 07:38 - 003904808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-11 08:51 - 2018-01-01 07:37 - 001426664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-11 08:51 - 2018-01-01 07:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-11 08:51 - 2018-01-01 07:35 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-11 08:51 - 2018-01-01 07:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-11 08:51 - 2018-01-01 07:33 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-11 08:51 - 2018-01-01 07:32 - 004481240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-11 08:51 - 2018-01-01 07:27 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-11 08:51 - 2018-01-01 07:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-11 08:51 - 2018-01-01 07:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-11 08:51 - 2018-01-01 07:25 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-11 08:51 - 2018-01-01 06:46 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-11 08:51 - 2018-01-01 06:45 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-11 08:51 - 2018-01-01 06:42 - 006479552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-11 08:51 - 2018-01-01 06:42 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-11 08:51 - 2018-01-01 06:42 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-11 08:51 - 2018-01-01 06:37 - 025247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-11 08:51 - 2018-01-01 06:24 - 003668480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-11 08:51 - 2018-01-01 06:23 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-11 08:51 - 2018-01-01 06:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-11 08:51 - 2018-01-01 06:21 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-11 08:51 - 2018-01-01 06:20 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-11 08:51 - 2018-01-01 06:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-11 08:51 - 2018-01-01 06:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-11 08:51 - 2018-01-01 06:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-11 08:51 - 2018-01-01 06:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-11 08:51 - 2018-01-01 06:17 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-11 08:51 - 2018-01-01 06:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-11 08:51 - 2018-01-01 06:16 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-11 08:51 - 2018-01-01 06:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-11 08:51 - 2018-01-01 06:14 - 023655936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-11 08:51 - 2018-01-01 06:14 - 002465280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-11 08:51 - 2018-01-01 06:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-11 08:51 - 2018-01-01 06:13 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-11 08:51 - 2018-01-01 06:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-11 08:51 - 2018-01-01 06:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-11 08:51 - 2018-01-01 06:12 - 001547776 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-11 08:51 - 2018-01-01 06:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 008108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 004748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-11 08:51 - 2018-01-01 06:11 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-11 08:51 - 2018-01-01 06:09 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-11 08:51 - 2018-01-01 06:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-11 08:51 - 2018-01-01 06:08 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-11 08:51 - 2018-01-01 06:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-11 08:50 - 2018-01-01 07:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-11 08:50 - 2018-01-01 07:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-11 08:50 - 2018-01-01 07:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-11 08:50 - 2018-01-01 07:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-11 08:50 - 2018-01-01 07:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-11 08:50 - 2018-01-01 07:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-11 08:50 - 2018-01-01 07:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-11 08:50 - 2018-01-01 07:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-11 08:50 - 2018-01-01 07:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-11 08:50 - 2018-01-01 07:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-11 08:50 - 2018-01-01 07:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-11 08:50 - 2018-01-01 07:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-11 08:50 - 2018-01-01 07:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-01-11 08:50 - 2018-01-01 07:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-01-11 08:50 - 2018-01-01 07:46 - 002709704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-11 08:50 - 2018-01-01 07:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-01-11 08:50 - 2018-01-01 07:46 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-01-11 08:50 - 2018-01-01 07:43 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-01-11 08:50 - 2018-01-01 07:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-01-11 08:50 - 2018-01-01 07:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-01-11 08:50 - 2018-01-01 07:42 - 001029016 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-01-11 08:50 - 2018-01-01 07:42 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-01-11 08:50 - 2018-01-01 07:42 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-01-11 08:50 - 2018-01-01 07:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-11 08:50 - 2018-01-01 07:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-01-11 08:50 - 2018-01-01 07:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-11 08:50 - 2018-01-01 07:39 - 000677784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-11 08:50 - 2018-01-01 07:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-01-11 08:50 - 2018-01-01 07:38 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-01-11 08:50 - 2018-01-01 07:38 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-11 08:50 - 2018-01-01 07:38 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-01-11 08:50 - 2018-01-01 07:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2018-01-11 08:50 - 2018-01-01 07:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-01-11 08:50 - 2018-01-01 07:36 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-01-11 08:50 - 2018-01-01 07:36 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-11 08:50 - 2018-01-01 07:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-01-11 08:50 - 2018-01-01 07:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-01-11 08:50 - 2018-01-01 07:35 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-01-11 08:50 - 2018-01-01 07:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-01-11 08:50 - 2018-01-01 07:34 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-01-11 08:50 - 2018-01-01 07:34 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2018-01-11 08:50 - 2018-01-01 07:33 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-01-11 08:50 - 2018-01-01 07:32 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-01-11 08:50 - 2018-01-01 07:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-01-11 08:50 - 2018-01-01 07:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-01-11 08:50 - 2018-01-01 07:23 - 021352144 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-11 08:50 - 2018-01-01 07:21 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-01-11 08:50 - 2018-01-01 07:21 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-01-11 08:50 - 2018-01-01 07:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-01-11 08:50 - 2018-01-01 07:03 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-01-11 08:50 - 2018-01-01 07:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-11 08:50 - 2018-01-01 07:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-01-11 08:50 - 2018-01-01 07:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-11 08:50 - 2018-01-01 06:53 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-11 08:50 - 2018-01-01 06:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-01-11 08:50 - 2018-01-01 06:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-01-11 08:50 - 2018-01-01 06:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-11 08:50 - 2018-01-01 06:45 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-11 08:50 - 2018-01-01 06:45 - 002192624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-11 08:50 - 2018-01-01 06:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-01-11 08:50 - 2018-01-01 06:43 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 004644912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-01-11 08:50 - 2018-01-01 06:42 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2018-01-11 08:50 - 2018-01-01 06:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-11 08:50 - 2018-01-01 06:25 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-11 08:50 - 2018-01-01 06:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-11 08:50 - 2018-01-01 06:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll
2018-01-11 08:50 - 2018-01-01 06:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-11 08:50 - 2018-01-01 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-01-11 08:50 - 2018-01-01 06:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-01-11 08:50 - 2018-01-01 06:23 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-01-11 08:50 - 2018-01-01 06:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-01-11 08:50 - 2018-01-01 06:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-01-11 08:50 - 2018-01-01 06:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-01-11 08:50 - 2018-01-01 06:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-01-11 08:50 - 2018-01-01 06:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-01-11 08:50 - 2018-01-01 06:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2018-01-11 08:50 - 2018-01-01 06:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-01-11 08:50 - 2018-01-01 06:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-01-11 08:50 - 2018-01-01 06:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2018-01-11 08:50 - 2018-01-01 06:20 - 018917888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-01-11 08:50 - 2018-01-01 06:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2018-01-11 08:50 - 2018-01-01 06:20 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-01-11 08:50 - 2018-01-01 06:20 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 008014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-01-11 08:50 - 2018-01-01 06:19 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-01-11 08:50 - 2018-01-01 06:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-01-11 08:50 - 2018-01-01 06:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-11 08:50 - 2018-01-01 06:19 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-01-11 08:50 - 2018-01-01 06:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-01-11 08:50 - 2018-01-01 06:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 006564864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-01-11 08:50 - 2018-01-01 06:17 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-01-11 08:50 - 2018-01-01 06:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 003676672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-01-11 08:50 - 2018-01-01 06:16 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 006029312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-01-11 08:50 - 2018-01-01 06:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-01-11 08:50 - 2018-01-01 06:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-01-11 08:50 - 2018-01-01 06:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-01-11 08:50 - 2018-01-01 06:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-01-11 08:50 - 2018-01-01 06:12 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-11 08:50 - 2018-01-01 06:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-01-11 08:50 - 2018-01-01 06:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-01-11 08:50 - 2018-01-01 06:12 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-01-11 08:50 - 2018-01-01 06:11 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-11 08:50 - 2018-01-01 06:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-01-11 08:50 - 2018-01-01 06:10 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-01-11 08:50 - 2018-01-01 06:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-01-11 08:50 - 2018-01-01 06:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2018-01-11 08:50 - 2018-01-01 06:09 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-01-11 08:50 - 2018-01-01 06:09 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-01-11 08:50 - 2018-01-01 06:08 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-01-11 08:50 - 2018-01-01 06:08 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-11 08:50 - 2018-01-01 06:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-01-11 08:50 - 2018-01-01 06:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2018-01-11 08:50 - 2018-01-01 06:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-11 08:50 - 2018-01-01 06:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-11 08:50 - 2018-01-01 06:05 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-01-10 21:54 - 2017-12-22 08:45 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-01-10 21:54 - 2017-12-22 08:45 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-30 22:00 - 2017-12-30 22:00 - 000000000 ___HD C:\Users\dennis\MicrosoftEdgeBackups
2017-12-30 21:24 - 2017-11-26 15:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-30 21:23 - 2017-12-08 01:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-30 21:23 - 2017-12-07 18:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-30 21:23 - 2017-12-07 18:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-30 21:23 - 2017-12-07 18:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-30 21:23 - 2017-12-07 18:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-30 21:23 - 2017-12-07 18:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-30 21:23 - 2017-12-07 18:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-30 21:23 - 2017-12-07 17:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-30 21:23 - 2017-12-07 17:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-30 21:23 - 2017-12-07 17:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-30 21:23 - 2017-12-07 17:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-30 21:23 - 2017-12-07 17:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-30 21:23 - 2017-12-07 17:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-30 21:23 - 2017-12-07 17:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-30 21:23 - 2017-12-07 17:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-30 21:23 - 2017-12-07 17:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-30 21:23 - 2017-12-07 17:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-30 21:23 - 2017-12-07 17:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-30 21:23 - 2017-12-07 16:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-30 21:23 - 2017-12-07 16:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-30 21:23 - 2017-12-07 16:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-30 21:23 - 2017-12-07 16:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-30 21:23 - 2017-12-07 16:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-30 21:23 - 2017-11-26 15:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-30 21:23 - 2017-11-26 15:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-30 21:23 - 2017-11-26 08:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-30 21:23 - 2017-11-26 08:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-30 21:23 - 2017-11-26 08:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-30 21:23 - 2017-11-26 08:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-30 21:23 - 2017-11-26 08:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-30 21:23 - 2017-11-26 08:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-30 21:23 - 2017-11-26 08:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-30 21:23 - 2017-11-26 08:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-30 21:23 - 2017-11-26 08:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-30 21:23 - 2017-11-26 08:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-30 21:23 - 2017-11-26 08:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-30 21:23 - 2017-11-26 08:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-30 21:23 - 2017-11-26 08:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-30 21:23 - 2017-11-26 08:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-30 21:23 - 2017-11-26 07:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-30 21:23 - 2017-11-26 07:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-30 21:23 - 2017-11-26 07:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-30 21:23 - 2017-11-26 07:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-30 21:23 - 2017-11-26 07:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-30 21:23 - 2017-11-26 07:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-30 21:23 - 2017-11-26 07:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-30 21:23 - 2017-11-26 07:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-30 21:23 - 2017-11-26 07:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-30 21:23 - 2017-11-26 07:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-30 21:23 - 2017-11-26 07:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-30 21:23 - 2017-11-26 07:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-30 21:23 - 2017-11-26 07:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-30 21:23 - 2017-11-26 07:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-30 21:23 - 2017-11-26 07:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-30 21:23 - 2017-11-26 07:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-30 21:23 - 2017-11-26 07:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-30 21:23 - 2017-11-26 06:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-30 21:23 - 2017-11-26 06:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-30 21:23 - 2017-11-26 06:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-30 21:23 - 2017-11-26 06:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-30 21:23 - 2017-11-26 06:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-30 21:23 - 2017-11-26 06:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-30 21:23 - 2017-11-26 05:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-30 21:23 - 2017-11-26 05:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-30 21:23 - 2017-11-26 05:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-30 21:23 - 2017-11-26 05:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-30 21:23 - 2017-11-26 05:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-30 21:23 - 2017-11-26 05:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-30 21:23 - 2017-11-26 05:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-30 21:23 - 2017-11-26 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-30 21:23 - 2017-11-26 05:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-30 21:23 - 2017-11-26 05:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-30 21:23 - 2017-11-26 05:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-30 21:23 - 2017-11-19 02:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-30 21:23 - 2017-11-18 21:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-12-30 21:23 - 2017-10-25 04:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-30 21:23 - 2017-10-24 23:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-30 21:23 - 2017-10-24 23:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-30 21:23 - 2017-10-24 23:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-30 21:23 - 2017-10-24 23:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-30 21:23 - 2017-10-24 23:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-30 21:23 - 2017-10-24 23:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 23:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-30 21:23 - 2017-10-24 23:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-30 21:23 - 2017-10-24 23:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 23:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-30 21:23 - 2017-10-24 22:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-30 21:23 - 2017-10-24 22:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-30 21:23 - 2017-10-24 22:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-30 21:23 - 2017-10-24 22:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-30 21:23 - 2017-10-24 22:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-30 21:23 - 2017-10-24 22:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-30 21:23 - 2017-10-24 22:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-30 21:23 - 2017-10-24 22:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-30 21:23 - 2017-10-24 22:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-30 21:23 - 2017-10-24 21:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-30 21:23 - 2017-10-20 00:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-30 21:23 - 2017-10-10 02:11 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-30 21:23 - 2017-10-10 01:54 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-30 21:23 - 2017-10-10 01:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-30 21:23 - 2017-10-10 01:31 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-30 21:23 - 2017-10-10 01:11 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-30 21:23 - 2017-10-10 01:07 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-30 21:23 - 2017-10-10 00:42 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-30 21:23 - 2017-10-10 00:31 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-30 21:23 - 2017-10-10 00:30 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-30 21:23 - 2017-10-10 00:24 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-30 21:22 - 2017-12-07 18:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-30 21:22 - 2017-12-07 18:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-30 21:22 - 2017-12-07 18:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-30 21:22 - 2017-12-07 18:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-30 21:22 - 2017-12-07 18:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-30 21:22 - 2017-12-07 18:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-30 21:22 - 2017-12-07 18:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-30 21:22 - 2017-12-07 18:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-30 21:22 - 2017-12-07 18:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-30 21:22 - 2017-12-07 17:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-30 21:22 - 2017-12-07 17:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-30 21:22 - 2017-12-07 17:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-30 21:22 - 2017-12-07 17:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-30 21:22 - 2017-12-07 17:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-30 21:22 - 2017-12-07 17:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-30 21:22 - 2017-12-07 17:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-30 21:22 - 2017-12-07 17:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-30 21:22 - 2017-12-07 17:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-30 21:22 - 2017-12-07 17:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-30 21:22 - 2017-12-07 17:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-30 21:22 - 2017-12-07 17:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-30 21:22 - 2017-12-07 17:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-30 21:22 - 2017-12-07 17:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-30 21:22 - 2017-12-07 17:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-30 21:22 - 2017-12-07 17:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-30 21:22 - 2017-12-07 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-30 21:22 - 2017-12-07 17:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-30 21:22 - 2017-12-07 17:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-30 21:22 - 2017-12-07 17:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-30 21:22 - 2017-12-07 17:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-30 21:22 - 2017-12-07 17:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-30 21:22 - 2017-12-07 17:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-30 21:22 - 2017-12-07 17:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-30 21:22 - 2017-12-07 17:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-30 21:22 - 2017-12-07 17:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-30 21:22 - 2017-12-07 17:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-30 21:22 - 2017-12-07 17:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-30 21:22 - 2017-12-07 17:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-30 21:22 - 2017-12-07 16:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-30 21:22 - 2017-12-07 16:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-30 21:22 - 2017-12-07 16:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-30 21:22 - 2017-12-07 16:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-30 21:22 - 2017-11-26 11:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-30 21:22 - 2017-11-26 08:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-30 21:22 - 2017-11-26 08:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-30 21:22 - 2017-11-26 08:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-30 21:22 - 2017-11-26 08:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-30 21:22 - 2017-11-26 08:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-30 21:22 - 2017-11-26 08:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-30 21:22 - 2017-11-26 08:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-30 21:22 - 2017-11-26 08:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-30 21:22 - 2017-11-26 08:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-30 21:22 - 2017-11-26 08:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-30 21:22 - 2017-11-26 08:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-30 21:22 - 2017-11-26 08:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-30 21:22 - 2017-11-26 08:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-30 21:22 - 2017-11-26 07:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-30 21:22 - 2017-11-26 07:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-30 21:22 - 2017-11-26 07:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-30 21:22 - 2017-11-26 07:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-30 21:22 - 2017-11-26 07:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-30 21:22 - 2017-11-26 07:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-30 21:22 - 2017-11-26 07:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-30 21:22 - 2017-11-26 07:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-30 21:22 - 2017-11-26 07:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-30 21:22 - 2017-11-26 07:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-30 21:22 - 2017-11-26 07:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-30 21:22 - 2017-11-26 07:36 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2017-12-30 21:22 - 2017-11-26 07:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-30 21:22 - 2017-11-26 07:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-30 21:22 - 2017-11-26 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-30 21:22 - 2017-11-26 07:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-30 21:22 - 2017-11-26 07:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-30 21:22 - 2017-11-26 07:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-30 21:22 - 2017-11-26 07:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-30 21:22 - 2017-11-26 07:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-30 21:22 - 2017-11-26 07:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-30 21:22 - 2017-11-26 07:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-30 21:22 - 2017-11-26 07:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-30 21:22 - 2017-11-26 07:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-30 21:22 - 2017-11-26 07:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-30 21:22 - 2017-11-26 07:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-30 21:22 - 2017-11-26 07:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-30 21:22 - 2017-11-26 07:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-30 21:22 - 2017-11-26 06:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-30 21:22 - 2017-11-26 06:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-30 21:22 - 2017-11-26 06:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-30 21:22 - 2017-11-26 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-30 21:22 - 2017-11-26 06:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-30 21:22 - 2017-11-26 06:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-30 21:22 - 2017-11-26 06:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-30 21:22 - 2017-11-26 05:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-30 21:22 - 2017-11-26 05:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-30 21:22 - 2017-11-26 05:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-30 21:22 - 2017-11-26 05:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-30 21:22 - 2017-11-26 05:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-30 21:22 - 2017-11-26 05:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-30 21:22 - 2017-11-26 05:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-30 21:22 - 2017-11-26 05:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-30 21:22 - 2017-11-26 05:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-30 21:22 - 2017-11-26 05:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-30 21:22 - 2017-11-26 05:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-30 21:22 - 2017-11-26 05:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-30 21:22 - 2017-11-26 05:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-30 21:22 - 2017-10-24 23:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-30 21:22 - 2017-10-24 23:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-30 21:22 - 2017-10-24 22:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-30 21:22 - 2017-10-24 22:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-30 21:22 - 2017-10-24 22:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-30 21:22 - 2017-10-24 22:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-30 21:22 - 2017-10-24 22:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-30 21:22 - 2017-10-24 22:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-30 21:22 - 2017-10-24 22:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-30 21:22 - 2017-10-24 22:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-30 21:22 - 2017-10-24 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-30 21:22 - 2017-10-24 22:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-30 21:22 - 2017-10-24 21:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-30 21:22 - 2017-10-10 01:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-30 21:22 - 2017-10-10 01:43 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-30 21:22 - 2017-10-10 01:06 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-30 21:22 - 2017-10-10 00:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-30 21:22 - 2017-10-10 00:43 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-30 21:22 - 2017-10-10 00:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-30 21:22 - 2017-10-10 00:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-30 21:22 - 2017-10-10 00:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-30 21:22 - 2017-10-10 00:33 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-30 21:22 - 2017-10-10 00:31 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-30 21:22 - 2017-10-03 17:42 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-30 21:22 - 2017-10-03 17:42 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-30 00:40 - 2017-12-30 00:54 - 000000000 ____D C:\Users\dennis\AppData\Local\PlaceholderTileLogoFolder
2017-12-30 00:39 - 2017-12-30 00:39 - 000000000 ____D C:\Users\dennis\AppData\Local\DBG
2017-12-30 00:06 - 2017-12-30 00:12 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-30 00:04 - 2017-12-30 00:06 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-30 00:04 - 2017-12-30 00:04 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files\MSBuild
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-30 00:00 - 2017-12-30 00:00 - 000000000 ____D C:\inetpub
2017-12-30 00:00 - 2017-09-28 18:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-30 00:00 - 2017-09-28 18:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-30 00:00 - 2017-09-28 18:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-30 00:00 - 2017-09-22 21:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-30 00:00 - 2017-09-22 21:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-30 00:00 - 2017-09-22 21:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-29 22:47 - 2017-12-29 22:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-29 22:44 - 2017-12-29 22:44 - 000000020 ___SH C:\Users\dennis\ntuser.ini
2017-12-29 21:46 - 2017-12-29 21:48 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-12-29 21:46 - 2017-12-29 21:48 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-12-29 21:45 - 2018-01-24 19:05 - 000003246 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFordennis
2017-12-29 21:45 - 2018-01-24 15:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-29 21:45 - 2018-01-18 13:35 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E3CE43FE-437F-4C77-ADE7-E2A398E9888C}
2017-12-29 21:45 - 2017-12-29 21:46 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3888258802-3760485577-602093225-1001
2017-12-29 21:45 - 2017-12-29 21:46 - 000002620 _____ C:\WINDOWS\System32\Tasks\{735F264A-BDEC-9028-9CAF-09A382A14131}
2017-12-29 21:45 - 2017-12-29 21:45 - 000003626 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered lecit
2017-12-29 21:45 - 2017-12-29 21:45 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-12-29 21:45 - 2017-12-29 21:45 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-29 21:45 - 2017-12-29 21:45 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-29 21:45 - 2017-12-29 21:45 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3888258802-3760485577-602093225-1001
2017-12-29 21:45 - 2017-12-29 21:45 - 000002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-12-29 21:45 - 2017-12-29 21:45 - 000002698 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 4630 series
2017-12-29 21:45 - 2017-12-29 21:45 - 000002670 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-12-29 21:45 - 2017-12-29 21:45 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLVDLauncher
2017-12-29 21:45 - 2017-12-29 21:45 - 000002536 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2017-12-29 21:45 - 2017-12-29 21:45 - 000002456 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3888258802-3760485577-602093225-500
2017-12-29 21:45 - 2017-12-29 21:45 - 000002276 _____ C:\WINDOWS\System32\Tasks\{3BB97903-8DD4-40BE-B4F9-3FD67D6BF10B}
2017-12-29 21:45 - 2017-12-29 21:45 - 000002254 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2017-12-29 21:45 - 2017-12-29 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2017-12-29 21:45 - 2017-12-29 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-12-29 21:45 - 2017-12-29 21:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-12-29 21:45 - 2013-09-25 22:35 - 000002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2214855882-1967583563-2463007371-500
2017-12-29 21:45 - 2013-07-19 23:03 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2219834991-2181590956-1059650666-500
2017-12-29 21:32 - 2017-12-29 21:32 - 000000000 ____D C:\ProgramData\USOShared
2017-12-29 21:30 - 2017-12-29 21:30 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-29 21:27 - 2017-12-30 21:32 - 000000000 ____D C:\Users\dennis\AppData\Local\Packages
2017-12-29 21:26 - 2018-01-12 13:08 - 000000000 ____D C:\Users\dennis
2017-12-29 21:26 - 2017-12-29 21:40 - 000000000 ____D C:\Users\Administrator
2017-12-29 21:25 - 2018-01-24 15:38 - 001176206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-29 21:24 - 2017-10-20 16:43 - 000095216 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-12-29 21:24 - 2017-10-20 16:43 - 000091120 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-12-29 21:23 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-29 21:20 - 2018-01-25 16:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-29 21:20 - 2018-01-11 18:02 - 000253032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-27 17:48 - 2017-12-27 17:48 - 000000000 ____D C:\Users\dennis\Documents\FeedbackHub
2017-12-23 18:14 - 2017-12-27 16:14 - 000000052 _____ C:\Users\dennis\AppData\Local\s3bmx8gr2a
2017-12-18 13:09 - 2017-12-29 21:51 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-18 12:13 - 2017-12-24 19:13 - 000000052 _____ C:\Users\dennis\AppData\Local\ubIjQrYzgN
2017-11-18 00:48 - 2018-01-24 19:05 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleFordennis.job
2017-11-13 14:52 - 2017-12-30 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-13 14:50 - 2017-12-30 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-13 14:50 - 2017-11-13 14:50 - 000000000 ____D C:\Program Files\iTunes
2017-11-13 14:50 - 2017-11-13 14:50 - 000000000 ____D C:\Program Files\iPod
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-25 17:01 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-25 16:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-25 15:13 - 2017-02-07 22:13 - 000000000 ____D C:\ProgramData\{A91E6C7D-235C-E6BB-A59A-78F93FD8F337}
2018-01-24 15:35 - 2014-01-14 18:38 - 000000000 ____D C:\Users\dennis\Documents\Youcam
2018-01-24 15:34 - 2016-11-06 20:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-24 15:34 - 2014-07-20 22:29 - 000000000 __SHD C:\Users\dennis\IntelGraphicsProfiles
2018-01-24 15:31 - 2017-09-29 03:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-18 17:55 - 2016-04-14 14:05 - 000000000 ___RD C:\Users\dennis\Documents\Scanned Documents
2018-01-18 13:21 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-18 12:23 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-16 00:14 - 2017-02-23 00:14 - 000000562 _____ C:\Users\dennis\AppData\Roaming\WB.CFG
2018-01-14 15:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-12 21:58 - 2016-02-18 11:00 - 000000000 ____D C:\Users\dennis\AppData\Local\TomTom
2018-01-12 21:55 - 2016-02-18 11:00 - 000000984 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2018-01-12 21:54 - 2013-09-25 22:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-01-12 21:53 - 2016-02-18 10:59 - 000000000 ____D C:\Program Files (x86)\MyDrive Connect
2018-01-11 18:04 - 2016-04-14 11:18 - 000000000 ___RD C:\Users\dennis\3D Objects
2018-01-11 18:04 - 2015-09-10 00:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-11 18:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-11 18:00 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-11 08:56 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-11 08:53 - 2017-09-29 08:41 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-11 08:53 - 2017-09-29 08:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-10 22:37 - 2016-01-25 21:06 - 000002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 22:29 - 2015-07-24 12:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 22:26 - 2017-10-11 09:54 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 22:25 - 2015-07-24 12:50 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 22:14 - 2017-02-07 22:14 - 000000000 ____D C:\Users\dennis\AppData\Local\Karecagot
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2018-01-10 21:48 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-01-10 21:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-01-10 21:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-01-10 21:48 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-01-10 21:47 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-01-10 21:47 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-01-10 21:47 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2017-12-30 21:08 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-30 00:32 - 2016-08-09 13:52 - 000000000 ____D C:\Users\dennis\Desktop\scuba diving photos
2017-12-30 00:20 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-30 00:12 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-12-30 00:12 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-30 00:12 - 2017-07-06 20:28 - 000000000 ____D C:\Program Files\UNP
2017-12-30 00:12 - 2017-05-01 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2017-12-30 00:12 - 2017-04-13 18:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2016
2017-12-30 00:12 - 2016-11-28 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-12-30 00:12 - 2016-11-06 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2017-12-30 00:12 - 2016-11-06 20:11 - 000000000 ____D C:\Program Files\Intel
2017-12-30 00:12 - 2016-07-16 06:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-30 00:12 - 2016-04-14 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2015
2017-12-30 00:12 - 2016-02-21 18:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2017-12-30 00:12 - 2016-02-18 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2017-12-30 00:12 - 2016-01-03 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-12-30 00:12 - 2015-07-23 19:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2017-12-30 00:12 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-12-30 00:12 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-12-30 00:12 - 2013-07-19 22:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-30 00:12 - 2013-07-19 22:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-12-30 00:12 - 2013-07-19 22:51 - 000000000 ____D C:\WINDOWS\en
2017-12-30 00:12 - 2013-07-19 22:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2017-12-30 00:12 - 2013-07-19 22:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2017-12-30 00:12 - 2013-07-19 22:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2017-12-30 00:12 - 2013-07-19 22:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2017-12-30 00:12 - 2013-07-19 22:41 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-12-30 00:11 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-30 00:07 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-12-30 00:07 - 2016-11-06 20:11 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2017-12-30 00:06 - 2016-11-06 20:11 - 000000000 ____D C:\Program Files\Realtek
2017-12-30 00:06 - 2016-11-06 20:10 - 000000000 ____D C:\Program Files\Synaptics
2017-12-30 00:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-12-30 00:00 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-12-30 00:00 - 2017-09-29 08:43 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-12-30 00:00 - 2017-09-29 08:43 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-12-30 00:00 - 2017-09-29 08:43 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-12-30 00:00 - 2017-09-29 08:42 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-12-30 00:00 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-12-30 00:00 - 2017-09-29 08:42 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-12-30 00:00 - 2017-09-29 08:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-12-29 22:46 - 2016-11-25 14:52 - 000000000 ____D C:\Users\dennis\AppData\Local\ConnectedDevicesPlatform
2017-12-29 22:45 - 2015-10-12 20:34 - 000000000 ____D C:\Users\dennis\AppData\Local\TileDataLayer
2017-12-29 21:49 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-29 21:48 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-29 21:46 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-29 21:45 - 2015-08-17 20:55 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-29 21:40 - 2016-11-06 20:15 - 000998558 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-29 21:35 - 2016-02-19 19:19 - 000000000 ____D C:\Users\dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PADI Multimedia
2017-12-29 21:32 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-29 21:30 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-29 21:27 - 2012-08-03 17:28 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2017-12-29 21:25 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-29 21:25 - 2016-11-06 20:12 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-12-29 21:24 - 2016-11-06 20:11 - 000011070 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-12-29 21:24 - 2016-11-06 20:11 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-12-29 21:24 - 2016-11-06 20:11 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
==================== Files in the root of some directories =======
2017-02-23 00:14 - 2018-01-16 00:14 - 000000562 _____ () C:\Users\dennis\AppData\Roaming\WB.CFG
2017-12-23 18:14 - 2017-12-27 16:14 - 000000052 _____ () C:\Users\dennis\AppData\Local\s3bmx8gr2a
2017-12-18 12:13 - 2017-12-24 19:13 - 000000052 _____ () C:\Users\dennis\AppData\Local\ubIjQrYzgN
Files to move or delete:
====================
C:\Windows\Tasks\{735F264A-BDEC-9028-9CAF-09A382A14131}.job

==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Firmware Boot Manager
---------------------
identifier              {fwbootmgr}
displayorder            {bootmgr}
                        {dc051f48-4546-11e5-824f-806e6f6e6963}
                        {cf469938-4484-11e5-be79-806e6f6e6963}
                        {cf469939-4484-11e5-be79-806e6f6e6963}
timeout                 0
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {feac1b32-ed1f-11e7-a2a6-f6e35240d000}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
Firmware Application (101fffff)
-------------------------------
identifier              {0062363a-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {0062363b-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363c-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363d-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363e-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {0062363f-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623640-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623641-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623643-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {00623644-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {00623645-30a4-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {00623646-30a4-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {00623647-30a4-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {03b3a9af-7dad-11e3-be75-a0481c1f197d}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb0-30a0-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb1-30a0-11e5-9897-bda081313899}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb2-30a0-11e5-9897-bda081313899}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {7a86adb5-30a0-11e5-9897-bda081313899}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {80b6f392-8c70-11e3-be7d-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {cf469938-4484-11e5-be79-806e6f6e6963}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {cf469939-4484-11e5-be79-806e6f6e6963}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {cf46993a-4484-11e5-be79-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk
Firmware Application (101fffff)
-------------------------------
identifier              {d76b7f83-2664-11e3-afa2-d1a4169b59ab}
description             USB Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {d76b7f84-2664-11e3-afa2-d1a4169b59ab}
description             Internal CD/DVD ROM Drive (UEFI)
Firmware Application (101fffff)
-------------------------------
identifier              {dc051f48-4546-11e5-824f-806e6f6e6963}
description             Internal Hard Disk or Solid State Disk
Windows Boot Loader
-------------------
identifier              {00623655-30a4-11e5-9897-bda081313899}
device                  ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{00623656-30a4-11e5-9897-bda081313899}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{00623656-30a4-11e5-9897-bda081313899}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {feac1b34-ed1f-11e7-a2a6-f6e35240d000}
displaymessageoverride  SystemRestore
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {feac1b32-ed1f-11e7-a2a6-f6e35240d000}
nx                      OptIn
bootmenupolicy          Standard
Windows Boot Loader
-------------------
identifier              {feac1b34-ed1f-11e7-a2a6-f6e35240d000}
device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{feac1b35-ed1f-11e7-a2a6-f6e35240d000}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{feac1b35-ed1f-11e7-a2a6-f6e35240d000}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
Resume from Hibernate
---------------------
identifier              {feac1b32-ed1f-11e7-a2a6-f6e35240d000}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {feac1b34-ed1f-11e7-a2a6-f6e35240d000}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
EMS Settings
------------
identifier              {emssettings}
bootems                 No
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
RAM Defects
-----------
identifier              {badmemory}
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
Device options
--------------
identifier              {feac1b35-ed1f-11e7-a2a6-f6e35240d000}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume5
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

LastRegBack: 2018-01-24 15:15
==================== End of FRST.txt ============================


#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:45 PM

Posted 27 January 2018 - 09:21 AM

Hi,

Press the windows key Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_coinisre_17_06_ssg01&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtC0FtCzyyB0Dzy0E0FyCtN0D0Tzu0StCzzyCyEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0DzztC0AtDyDtDtGyByE0CtDtG0DtB0E0BtGyCyDzyzytGyD0DyEtAtC0AtAyD0EtByDyE2QtN1M1F1B2Z1V1... (long line)
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_851a73ac8455b40bf3&param1=ArFaIWJoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVU9ISoUvmk9JaYWwVNdImIWvmo4JqYVvmpdIGYTvFM9GqYVNUI3wGYGwVM3vmk3vmo9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI4ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVvFQ9JmoUvFNdIWYYNVI9I6IWvFI3vmoU... (long line)
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_851a73ac8455b40bf3&param1=ArFaIWJoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8NVU9ISoUvmk9JaYWwVNdImIWvmo4JqYVvmpdIGYTvFM9GqYVNUI3wGYGwVM3vmk3vmo9GqUNNos3wCIYwVA9JmoVwVA9J6ITvFI4ISILNFdcJ6k8wV5cGWUSNFRcEqULNopcGWUIvmFbF6oVvFQ9JmoUvFNdIWYYNVI9I6IWvFI3vmoUwVxdJCIWvmk3v... (long line)
SearchScopes: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> {f79e5d1c-5148-469e-9f98-a11d8d7863f4} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wnf_coinisre_17_06_ssg01&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDyEzztC0CtC0FtCzyyB0Dzy0E0FyCtN0D0Tzu0StCzzyCyEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StA0DzztC0AtDyDtDtGyByE0CtDtG0DtB0E0BtGyCyDzyzytGyD0DyEtAtC0AtAyD0EtByDyE2QtN1... (long line)
Toolbar: HKU\S-1-5-21-3888258802-3760485577-602093225-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
CHR NewTab: Default ->  Active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/dynamicNewTab.html", Not-active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/stubby.html"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-10-19]
CHR HKLM\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
CHR HKU\S-1-5-21-3888258802-3760485577-602093225-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.6.0.27\Exts\Chrome.crx <not found>
S1 MpKsl2a2ccae3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}\MpKsl2a2ccae3.sys [58120 2018-01-18] () [File not signed]

2017-02-23 00:14 - 2018-01-16 00:14 - 000000562 _____ () C:\Users\dennis\AppData\Roaming\WB.CFG
2017-12-23 18:14 - 2017-12-27 16:14 - 000000052 _____ () C:\Users\dennis\AppData\Local\s3bmx8gr2a
2017-12-18 12:13 - 2017-12-24 19:13 - 000000052 _____ () C:\Users\dennis\AppData\Local\ubIjQrYzgN
C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F6D2CA4-BB06-4228-A775-5189EDBD5EA4}

DeleteKey: HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\CoinisRevShare
DeleteKey: HKCU\Software\CoinisRevShare
[-HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\download.driversupport.com]
[-HKU\S-1-5-21-3888258802-3760485577-602093225-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\driversupport.com]

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Internet Explorer:
Menu > Tools > Internet Options > Advanced Tab.
Click the Reset button on the bottom of the pane.
Click the Apply button.
Close IE.
===

Please post the Fixlog.txt. Include in you reply the Addition.txt log that was created by the Farbar program.

Please let me know what issues persists with this computer.

#7 pylestone

pylestone
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:45 AM

Posted 28 January 2018 - 02:26 PM

I do not have my dads computer hooked up to the internet, everything I am doing is by using a USB drive downloading it from my computer and putting it to his. Do I need to do anything else to make sure everything is gone once I reconnect the internet?



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:45 PM

Posted 29 January 2018 - 08:30 AM


Hi,

Let me see the results of this scan.

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======

#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:45 PM

Posted 04 February 2018 - 09:40 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users