Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Safesearch?? Google chrome suspicious email activity warning?


  • Please log in to reply
2 replies to this topic

#1 withavision

withavision

  • Members
  • 86 posts
  • ONLINE
  •  
  • Local time:06:53 PM

Posted 19 February 2018 - 05:06 PM

Hello,

 

A week or two ago, I noticed "safesearch" was installed for google chrome.  I did not install this.  When I would type in the search bar, it would default to yahoo. I have always had google set as my default search engine.

 

Today, I have received the attached warning (untitled.png) in google chrome two times. I have never seen this before and am not sure what it is?

 

Also, I use yahoo mail.  A couple times last week my yahoo mail would go to a webpage saying my computer is infected and take these steps, do not do anything else etc... I do not have a screen shot of that, unfortunately....

 

Here is my frst log.... please let me know if I have anything to be worried about here?

 

Thanks a lot

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by P. Miller (administrator) on PMILLER (19-02-2018 16:37:51)
Running from C:\Users\P. Miller\Downloads
Loaded Profiles: P. Miller & Guest (Available Profiles: P. Miller & Guest)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
Failed to access process -> svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> soffice.bin
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\Run: [GoogleChromeAutoLaunch_7594610B2A33092952E6E86A9B3105F0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1301848 2017-08-23] (Google Inc.)
HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\RunOnce: [Uninstall 17.3.7294.0108\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\P. Miller\AppData\Local\Microsoft\OneDrive\17.3.7294.0108\amd64"
HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\RunOnce: [Uninstall 17.3.7294.0108] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\P. Miller\AppData\Local\Microsoft\OneDrive\17.3.7294.0108"
HKU\S-1-5-21-1197745190-727455461-723387890-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [36864 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-21-1197745190-727455461-723387890-501\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\P. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2015-12-22]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{54eb91ab-5f69-414c-914c-b25ce37c90d9}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{54eb91ab-5f69-414c-914c-b25ce37c90d9}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{85a652d0-0b8e-4eaf-97f2-b27097c25bdb}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a76bedef-7979-11e7-8e1f-806e6f6e6963}: [NameServer] 8.8.8.8
 
Internet Explorer:
==================
HKU\S-1-5-21-1197745190-727455461-723387890-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-24] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-24] (Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: 7yv2qzd8.default
FF ProfilePath: C:\Users\P. Miller\AppData\Roaming\Mozilla\Firefox\Profiles\7yv2qzd8.default [2018-01-17]
FF Extension: (Firefox Hotfix) - C:\Users\P. Miller\AppData\Roaming\Mozilla\Firefox\Profiles\7yv2qzd8.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-22] [Legacy]
FF Extension: (FireShot) - C:\Users\P. Miller\AppData\Roaming\Mozilla\Firefox\Profiles\7yv2qzd8.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2017-01-18] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1197745190-727455461-723387890-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\P. Miller\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-01-25] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1197745190-727455461-723387890-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2017-04-05] (TD Ameritrade)
FF Plugin HKU\S-1-5-21-1197745190-727455461-723387890-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2017-04-05] (TD Ameritrade)
 
Chrome: 
=======
CHR Profile: C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default [2018-02-19]
CHR Extension: (Slides) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-25]
CHR Extension: (Docs) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Google Drive) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-01]
CHR Extension: (YouTube) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-01]
CHR Extension: (MozBar) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2018-02-12]
CHR Extension: (Avast SafePrice) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-16]
CHR Extension: (Sheets) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-25]
CHR Extension: (Google Docs Offline) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-10]
CHR Extension: (Avast Online Security) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-09]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2017-11-30]
CHR Extension: (WhatFont) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-11-14]
CHR Extension: (Jungle Scout) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgpfhoadcpndoogjiogflmgegfbekec [2018-01-28]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2018-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31]
CHR Extension: (Check My Links) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2017-06-02]
CHR Extension: (Gmail) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-25]
CHR Extension: (Majestic Backlink Analyzer) - C:\Users\P. Miller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmjaflneibolacpepklokkjnakmikmg [2017-07-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [192944 2018-02-19] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [190440 2018-02-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-02-19] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-04] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146648 2018-02-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-02-19] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-02-19] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-02-19] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459952 2018-02-19] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205464 2018-02-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379448 2018-02-19] (AVAST Software)
U1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2018-01-05] ()
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2018-01-28] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-19] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-19 16:37 - 2018-02-19 17:01 - 000016130 _____ C:\Users\P. Miller\Downloads\FRST.txt
2018-02-19 16:37 - 2018-02-19 16:37 - 000000000 ____D C:\FRST
2018-02-19 16:36 - 2018-02-19 16:36 - 002403840 _____ (Farbar) C:\Users\P. Miller\Downloads\FRST64.exe
2018-02-19 01:42 - 2018-02-19 01:42 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.151902257295302
2018-02-19 01:42 - 2018-02-19 01:41 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-02-16 14:13 - 2018-02-16 14:13 - 000322722 _____ C:\Users\P. Miller\Downloads\PALocalTaxReturn.pdf
2018-02-16 13:55 - 2018-02-16 13:55 - 000116196 _____ C:\Users\P. Miller\Downloads\3ComputerGalleryACTIVE (1).csv
2018-02-16 13:47 - 2018-02-16 13:47 - 000116196 _____ C:\Users\P. Miller\Downloads\3ComputerGalleryACTIVE.csv
2018-02-16 13:31 - 2018-02-16 13:31 - 001129816 _____ (Google Inc.) C:\Users\P. Miller\Downloads\ChromeSetup (1).exe
2018-02-11 13:49 - 2018-02-11 13:49 - 000000000 _____ C:\Users\P. Miller\Desktop\2016 tax return.pdf
2018-02-11 13:48 - 2018-02-11 13:48 - 000528710 _____ C:\Users\P. Miller\Downloads\2016TurboTaxReturn.pdf
2018-02-11 13:05 - 2018-02-11 13:05 - 000417874 _____ C:\Users\P. Miller\Downloads\2017-1099MISC.pdf
2018-02-07 11:39 - 2018-02-07 11:39 - 000000846 _____ C:\Users\P. Miller\AppData\Local\recently-used.xbel
2018-02-06 06:34 - 2018-02-06 06:34 - 006165504 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-02-01 16:37 - 2018-02-01 16:37 - 000000134 _____ C:\Users\P. Miller\Downloads\report_40929_ypyBnb.csv
2018-02-01 16:30 - 2018-02-01 16:30 - 000000110 _____ C:\Users\P. Miller\Downloads\report_40927_lH2Jzs.csv
2018-02-01 14:04 - 2018-02-01 14:04 - 000028859 _____ C:\Users\P. Miller\Downloads\Crypto (1).xlsx
2018-02-01 14:03 - 2018-02-01 14:04 - 000028859 _____ C:\Users\P. Miller\Downloads\Crypto.xlsx
2018-01-28 11:24 - 2018-01-28 11:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-28 11:23 - 2018-01-28 11:23 - 000000000 ___HD C:\Users\P. Miller\MicrosoftEdgeBackups
2018-01-28 11:21 - 2018-01-28 11:21 - 000000020 ___SH C:\Users\P. Miller\ntuser.ini
2018-01-28 11:21 - 2018-01-28 11:21 - 000000000 ___RD C:\Users\P. Miller\3D Objects
2018-01-28 07:40 - 2018-01-28 07:44 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-01-28 07:40 - 2018-01-28 07:40 - 000000000 ___DL C:\Users\Public\Recorded TV (1)
2018-01-28 07:38 - 2018-01-28 07:40 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-01-28 07:38 - 2018-01-28 07:38 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-01-28 07:34 - 2018-01-28 07:34 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-28 07:34 - 2018-01-28 07:34 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-28 07:34 - 2018-01-28 07:34 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-01-28 07:34 - 2018-01-28 07:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-01-28 07:34 - 2018-01-28 07:34 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2018-01-28 07:34 - 2018-01-28 07:34 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2018-01-28 07:34 - 2018-01-28 07:34 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-01-28 07:34 - 2018-01-28 07:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-01-28 05:36 - 2018-02-19 13:39 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{98EA04EB-6A36-469F-82B1-3CABD29C5380}
2018-01-28 05:36 - 2018-02-19 01:42 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-01-28 05:36 - 2018-02-16 13:32 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-28 05:36 - 2018-02-16 13:32 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-28 05:36 - 2018-02-15 13:30 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1197745190-727455461-723387890-1001
2018-01-28 05:36 - 2018-02-06 06:34 - 000004386 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-28 05:36 - 2018-01-28 05:36 - 000003354 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458748799
2018-01-28 05:36 - 2018-01-28 05:36 - 000003260 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-1197745190-727455461-723387890-1001
2018-01-28 05:36 - 2018-01-28 05:36 - 000003164 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-1197745190-727455461-723387890-1001
2018-01-28 05:36 - 2018-01-28 05:36 - 000002586 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-01-28 05:36 - 2018-01-28 05:36 - 000002440 _____ C:\WINDOWS\System32\Tasks\avast! Windows 10 Start Menu helper
2018-01-28 05:36 - 2018-01-28 05:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-28 05:36 - 2018-01-28 05:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-01-28 05:36 - 2018-01-28 05:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-01-28 05:34 - 2018-01-28 05:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-01-28 05:34 - 2018-01-28 05:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-01-28 05:12 - 2018-01-28 05:12 - 000841206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-28 05:07 - 2018-01-28 05:07 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-28 05:00 - 2018-01-28 05:00 - 000000000 ____D C:\ProgramData\USOShared
2018-01-28 04:58 - 2018-01-28 04:58 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-28 04:55 - 2018-02-12 13:16 - 000000000 ____D C:\Users\P. Miller
2018-01-28 04:55 - 2018-01-28 11:39 - 000000000 ____D C:\Users\P. Miller\AppData\Local\Packages
2018-01-28 04:55 - 2018-01-28 05:09 - 000000000 ____D C:\Users\Guest
2018-01-28 04:52 - 2017-09-29 08:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-01-28 04:48 - 2018-02-19 16:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-28 04:48 - 2018-01-28 05:04 - 000222000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-26 11:53 - 2018-01-26 11:53 - 000000000 ____D C:\Users\P. Miller\2017 TAXES
2018-01-23 15:41 - 2018-02-16 14:03 - 000000000 ____D C:\Users\P. Miller\Desktop\7 FIGURE CYCLE
2018-01-23 15:32 - 2018-01-23 15:32 - 000015186 _____ C:\Users\P. Miller\Downloads\7fc-business-planning.xlsx
2018-01-23 11:13 - 2018-01-23 11:13 - 000000000 ____D C:\Users\P. Miller\AppData\Local\GoTo Opener
2018-01-22 19:02 - 2018-01-28 11:21 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-22 11:56 - 2018-01-22 11:56 - 000012345 _____ C:\Users\P. Miller\Downloads\VRRENEWAL (2).pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-02-19 16:31 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-19 01:41 - 2018-01-05 04:43 - 000190440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-02-19 01:41 - 2017-11-21 15:12 - 000192944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000459952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000379448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000205464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000146648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-02-19 01:41 - 2015-12-22 19:18 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-02-17 00:14 - 2017-07-08 12:52 - 000000000 ____D C:\Users\P. Miller\AppData\Local\GoToMeeting
2018-02-16 13:32 - 2016-04-01 11:48 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-16 13:32 - 2016-04-01 11:48 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-16 13:32 - 2016-04-01 11:47 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-15 13:30 - 2015-12-22 18:53 - 000002375 _____ C:\Users\P. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-15 13:30 - 2015-12-22 18:53 - 000000000 ___RD C:\Users\P. Miller\OneDrive
2018-02-12 13:18 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-12 13:17 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-12 13:00 - 2017-12-20 10:25 - 000000000 ____D C:\Users\P. Miller\Desktop\CRYPTO
2018-02-11 13:01 - 2015-08-21 11:06 - 000202752 _____ C:\Users\P. Miller\Desktop\SITES LATEST.xls
2018-02-09 11:56 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-07 11:42 - 2016-12-07 14:13 - 000000000 ___HD C:\Users\P. Miller\.gimp-2.8
2018-02-06 06:34 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-02-06 06:34 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-02-05 06:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-31 07:40 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-30 15:22 - 2017-12-19 11:11 - 000000000 ____D C:\Users\P. Miller\Desktop\CREATING A PROFITABLE ONLINE STORE
2018-01-29 07:48 - 2015-12-22 14:18 - 000000000 ____D C:\ESD
2018-01-29 04:41 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-28 11:22 - 2016-09-27 11:35 - 000000000 ____D C:\Users\P. Miller\AppData\Local\PackageStaging
2018-01-28 11:22 - 2015-12-22 18:49 - 000000000 ____D C:\Users\P. Miller\AppData\Local\TileDataLayer
2018-01-28 11:21 - 2015-12-22 18:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-28 07:47 - 2017-09-29 08:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-01-28 07:44 - 2017-11-15 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-01-28 07:44 - 2017-09-29 08:49 - 000000000 ____D C:\WINDOWS\Setup
2018-01-28 07:44 - 2017-09-29 08:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-28 07:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-01-28 07:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-01-28 07:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-01-28 07:44 - 2017-09-19 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-28 07:44 - 2017-08-09 13:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-01-28 07:44 - 2017-07-07 12:42 - 000000000 ____D C:\Program Files\UNP
2018-01-28 07:44 - 2017-03-18 16:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-01-28 07:44 - 2017-03-15 14:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-01-28 07:44 - 2017-02-03 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thinkorswim
2018-01-28 07:44 - 2016-08-12 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IgnitionCasino
2018-01-28 07:44 - 2015-12-22 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2018-01-28 07:44 - 2015-12-22 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-28 07:44 - 2015-10-30 02:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-01-28 07:40 - 2017-11-24 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-01-28 07:40 - 2017-11-16 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2018-01-28 07:40 - 2015-12-22 19:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2018-01-28 07:36 - 2017-09-29 09:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-28 07:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-28 07:36 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-28 07:35 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-01-28 07:35 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-28 07:35 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-01-28 07:35 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2018-01-28 05:36 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-28 05:36 - 2016-03-14 14:00 - 000000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1197745190-727455461-723387890-1001.job
2018-01-28 05:36 - 2016-03-14 14:00 - 000000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1197745190-727455461-723387890-1001.job
2018-01-28 05:33 - 2016-09-27 00:26 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-01-28 05:07 - 2017-10-06 21:21 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-28 05:03 - 2017-09-29 03:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-28 05:02 - 2017-12-20 10:31 - 000000000 ____D C:\Users\P. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daedalus
2018-01-28 05:02 - 2017-02-03 14:52 - 000000000 ____D C:\Users\P. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2018-01-28 05:02 - 2015-12-28 15:34 - 000000000 ____D C:\Users\P. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSunshare Windows 7 Password Genius Trial
2018-01-28 05:00 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-01-28 04:59 - 2017-09-29 08:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-28 04:52 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-28 04:09 - 2008-09-10 10:40 - 000008192 __RSH C:\BOOTSECT.BAK
2018-01-25 19:42 - 2018-01-11 17:58 - 000000000 ____D C:\Program Files\rempl
2018-01-23 11:13 - 2016-03-14 14:00 - 000000000 ___HD C:\Users\P. Miller\AppData\Local\Citrix
 
==================== Files in the root of some directories =======
 
2015-12-23 14:20 - 2002-03-07 16:59 - 000557113 _____ (Electronic Arts Inc.) C:\Program Files\MOHAA_server.exe
2015-12-23 14:20 - 2002-03-06 12:24 - 000002756 _____ () C:\Program Files\PatchReadme111.txt
2018-02-07 11:39 - 2018-02-07 11:39 - 000000846 _____ () C:\Users\P. Miller\AppData\Local\recently-used.xbel
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-02-17 09:37
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.02.2018
Ran by P. Miller (19-02-2018 17:02:57)
Running from C:\Users\P. Miller\Downloads
Windows 10 Home Version 1709 16299.125 (X64) (2018-01-28 10:38:45)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1197745190-727455461-723387890-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1197745190-727455461-723387890-1004 - Limited - Enabled)
DefaultAccount (S-1-5-21-1197745190-727455461-723387890-503 - Limited - Disabled)
Guest (S-1-5-21-1197745190-727455461-723387890-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1197745190-727455461-723387890-1002 - Limited - Enabled)
P. Miller (S-1-5-21-1197745190-727455461-723387890-1001 - Administrator - Enabled) => C:\Users\P. Miller
WDAGUtilityAccount (S-1-5-21-1197745190-727455461-723387890-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.1.2326 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CPUID HWMonitor 1.33 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.33 - )
Daedalus (HKLM-x32\...\Daedalus) (Version: 1.0.3769.0 - Eureka Solutions LLC)
FileZilla Client 3.29.0 (HKLM-x32\...\FileZilla Client) (Version: 3.29.0 - Tim Kosse)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
GoToMeeting 8.20.0.8199 (HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\GoToMeeting) (Version: 8.20.0.8199 - LogMeIn, Inc.)
Ignition Casino (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E4}}_is1) (Version:   - )
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version:  - )
Medal of Honor Allied Assault™ Breakthrough (HKLM-x32\...\{823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}) (Version:  - )
Microsoft OneDrive (HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\OneDriveSetup.exe) (Version: 17.005.0107.0008 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.2 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
Zoom (HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1197745190-727455461-723387890-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\P. Miller\AppData\Local\GoToMeeting\8034\G2MOutlookAddin64.dll (LogMeIn, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-05] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-05] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-05] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Windows.old\Program Files\WinRAR\rarext.dll -> No File
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Windows.old\Program Files\WinRAR\rarext32.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-05] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Windows.old\Program Files\WinRAR\rarext.dll -> No File
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Windows.old\Program Files\WinRAR\rarext32.dll -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-01-05] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Windows.old\Program Files\WinRAR\rarext.dll -> No File
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Windows.old\Program Files\WinRAR\rarext32.dll -> No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {000484D8-FD05-48FA-8F0E-1D7FFA10355F} - System32\Tasks\SafeZone scheduled Autoupdate 1458748799 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {013FD556-C07F-4E9F-A67B-D661E0990250} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {041A7BD0-B1E6-47D1-9254-E5E341079E58} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-08] (AVAST Software)
Task: {074003B1-AB18-47A3-BE12-A77BFFA31A79} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe
Task: {34FE7F08-FF22-4F3D-8BC6-D2F6752D267F} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {4593F9E7-8FF1-4DEB-A899-0E53E1C6D784} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4927C2F8-338A-47D7-B1D0-C1383BAB8F88} - System32\Tasks\G2MUpdateTask-S-1-5-21-1197745190-727455461-723387890-1001 => C:\Users\P. Miller\AppData\Local\GoToMeeting\8199\g2mupdate.exe [2018-01-18] (LogMeIn, Inc.)
Task: {626B8D16-7C61-4E31-A3C4-6E8DA94D14A1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {7959B73A-2013-4443-B4E4-D5142339EBB7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16] (Google Inc.)
Task: {86F1B2DA-7A38-437E-A041-3836008CEB80} - System32\Tasks\G2MUploadTask-S-1-5-21-1197745190-727455461-723387890-1001 => C:\Users\P. Miller\AppData\Local\GoToMeeting\8199\g2mupload.exe [2018-01-18] (LogMeIn, Inc.)
Task: {C03360BD-D6DA-4134-9537-F3E475449BFC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CD594E96-B774-4AA0-8395-7483E3C50FF1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-02-19] (AVAST Software)
Task: {F46E5669-02A5-4170-B4CB-9E3AB0175892} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-16] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1197745190-727455461-723387890-1001.job => C:\Users\P. Miller\AppData\Local\GoToMeeting\8199\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1197745190-727455461-723387890-1001.job => C:\Users\P. Miller\AppData\Local\GoToMeeting\8199\g2mupload.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
Shortcut: C:\Users\P. Miller\Desktop\Daedalus.lnk -> C:\Program Files\Daedalus\daedalus.bat ()
Shortcut: C:\Users\P. Miller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daedalus\Daedalus.lnk -> C:\Program Files\Daedalus\daedalus.bat ()
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-09-19 18:33 - 2017-10-06 21:21 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-11-06 14:32 - 2017-11-06 14:32 - 000076456 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-01-28 07:34 - 2018-01-28 07:34 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 09:42 - 2018-01-30 09:42 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 09:42 - 2018-01-30 09:42 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 09:42 - 2018-01-30 09:42 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 09:42 - 2018-01-30 09:42 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-30 09:42 - 2018-01-30 09:42 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-10-20 15:22 - 2017-10-20 15:22 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-10-20 15:22 - 2017-10-20 15:22 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-08-28 14:22 - 2017-08-23 03:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-28 14:22 - 2017-08-23 03:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2015-12-22 18:32 - 2010-04-01 17:48 - 000970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2015-12-22 18:32 - 2010-04-01 17:48 - 000166400 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2018-01-05 04:42 - 2018-01-05 04:42 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2018-01-05 04:42 - 2018-01-05 04:42 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2018-01-05 04:42 - 2018-01-05 04:42 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-07-11 02:37 - 2017-07-11 02:37 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-05 04:42 - 2018-01-05 04:42 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-01-05 04:41 - 2018-01-05 04:41 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 02:24 - 2017-09-20 13:48 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1197745190-727455461-723387890-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\P. Miller\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop background.bmp
HKU\S-1-5-21-1197745190-727455461-723387890-501\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1197745190-727455461-723387890-1001\...\StartupApproved\Run: => "Skype"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{3114D827-97C7-4B04-B482-7185905FBE3F}] => (Allow) C:\Program Files\Daedalus\cardano-node.exe
FirewallRules: [{9B610493-77B6-4E41-ACB2-22304EBA64FA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{99F2165A-4BFB-4A9C-9B0E-9BBD9CF2AC1D}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{BA34D134-F788-431A-98B6-8BAA4B312AC9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{6DF125D7-C98D-4E16-B296-DD67E9142699}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [UDP Query User{F0DE0DD1-D821-4EDA-9B34-8BE9292D8A5B}C:\program files (x86)\ea games\mohaa\moh_breakthrough.exe] => (Allow) C:\program files (x86)\ea games\mohaa\moh_breakthrough.exe
FirewallRules: [TCP Query User{4E7F5EB1-738B-4EED-938A-1B9B50129FDF}C:\program files (x86)\ea games\mohaa\moh_breakthrough.exe] => (Allow) C:\program files (x86)\ea games\mohaa\moh_breakthrough.exe
FirewallRules: [UDP Query User{2A06D5A6-3A4F-4D03-89D8-FDA6EC62F59B}C:\program files\ea games\mohaa\moh_breakthrough_server.exe] => (Allow) C:\program files\ea games\mohaa\moh_breakthrough_server.exe
FirewallRules: [TCP Query User{44C5178E-F9D9-4B2E-B117-0843D5575B09}C:\program files\ea games\mohaa\moh_breakthrough_server.exe] => (Allow) C:\program files\ea games\mohaa\moh_breakthrough_server.exe
FirewallRules: [UDP Query User{F18298C6-4F16-41D1-9442-3E9DFFC9FD89}C:\program files (x86)\ea games\mohaa\mohaa_server.exe] => (Block) C:\program files (x86)\ea games\mohaa\mohaa_server.exe
FirewallRules: [TCP Query User{857A6BCC-3E03-48AE-9C28-A6B70EF673E7}C:\program files (x86)\ea games\mohaa\mohaa_server.exe] => (Block) C:\program files (x86)\ea games\mohaa\mohaa_server.exe
FirewallRules: [UDP Query User{A2E7B599-988C-494F-804B-5B8C8A3D9FBB}C:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe] => (Allow) C:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe
FirewallRules: [TCP Query User{678829C0-B805-460B-BFAB-AE7A57B74EEE}C:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe] => (Allow) C:\program files (x86)\ea games\mohaa\moh_breakthrough_server.exe
FirewallRules: [{DBF47EAC-BBC3-4AF1-A655-E6AC861DE33B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AC3D0F80-5F78-417A-8698-E67817DA407B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E8E03B3-4B44-4A8E-8AB8-33937732209A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C6E61AB2-E19B-44C9-8767-9DF55B88967C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A8FF7E27-7E47-45C0-B194-CE5881818EFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{05CB3345-90F8-4B28-BF1C-34F10AEF55C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{364514E9-B94D-486C-B4E6-B56F3C51AC45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{89B2065B-B6FC-41C3-926A-F81C3E2A1B95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F91E7464-43E0-45D1-B5A8-F27AD68DB0BA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{67DF761E-7FE5-4DDB-BDB3-DDC417D5CBAD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A32344BA-06A5-4DC4-B6BF-7AD80EF409AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1D8C4841-9349-4541-AF4C-1DAC5ED48F5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
28-01-2018 11:29:05 Windows Update
06-02-2018 09:39:05 Scheduled Checkpoint
12-02-2018 05:13:33 Windows Modules Installer
19-02-2018 13:37:05 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/19/2018 04:59:12 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:59:12 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:51:51 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:51:51 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:46:15 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:46:15 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:41:52 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
Error: (02/19/2018 04:41:52 PM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected
 
 
System errors:
=============
Error: (02/13/2018 03:38:06 PM) (Source: DCOM) (EventID: 10016) (User: PMILLER)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user PMiller\P. Miller SID (S-1-5-21-1197745190-727455461-723387890-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/12/2018 01:18:44 PM) (Source: DCOM) (EventID: 10016) (User: PMILLER)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user PMiller\P. Miller SID (S-1-5-21-1197745190-727455461-723387890-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/12/2018 01:16:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/12/2018 01:16:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/12/2018 01:16:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (02/12/2018 01:16:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2018 11:56:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (01/28/2018 11:56:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
CodeIntegrity:
===================================
 
Date: 2018-02-19 17:02:00.435
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 17:02:00.434
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 17:02:00.278
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 17:02:00.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 16:47:34.267
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 16:47:34.266
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 16:46:22.649
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2018-02-19 16:46:22.648
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E7200 @ 2.53GHz
Percentage of memory in use: 78%
Total physical RAM: 4094.49 MB
Available physical RAM: 879.86 MB
Total Virtual: 10315.51 MB
Available Virtual: 2716.23 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:464.93 GB) (Free:359.1 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (MOHAAB) (CDROM) (Total:0.67 GB) (Free:0 GB) CDFS
 
\\?\Volume{19697ee1-0000-0000-0000-603b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.46 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 19697EE1)
Partition 1: (Active) - (Size=464.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=851 MB) - (Type=27)
 
==================== End of Addition.txt ============================
 


BC AdBot (Login to Remove)

 


m

#2 withavision

withavision
  • Topic Starter

  • Members
  • 86 posts
  • ONLINE
  •  
  • Local time:06:53 PM

Posted Yesterday, 11:25 AM

forgot to attached the chrome warning about suspicious email activity... here it is...thanks

 

Attached Files



#3 withavision

withavision
  • Topic Starter

  • Members
  • 86 posts
  • ONLINE
  •  
  • Local time:06:53 PM

Posted Today, 05:10 PM

Hello... any info here?

 

do i have anything to worry about?

 

thank you






2 user(s) are reading this topic

1 members, 1 guests, 0 anonymous users


    withavision