Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 won't boot (not even in safe mode)


  • This topic is locked This topic is locked
3 replies to this topic

#1 JimBrody

JimBrody

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:58 AM

Posted 02 May 2018 - 04:20 PM

Hi all,

 

I am dealing with an issue where Windows 7 won't boot, not even in safe mode. My FRST report is pasted below. Any advice would be much appreciated!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2018
Ran by SYSTEM on MININT-G1NIT60 (02-05-2018 16:49:11)
Running from g:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9769888 2011-09-16] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-09-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-09-16] (Lenovo)
HKLM\...\Run: [DLBUCATS] => rundll32 C:\windows\system32\spool\DRIVERS\x64\3\DLBUtime.dll,RunDLLEntry******************************************************************************************************************************* (the data entry has 59 more characters).
HKLM\...\Run: [dlbumon.exe] => C:\Program Files (x86)\Dell Photo AIO Printer 942\dlbumon.exe [431600 2007-02-28] (Lexmark International, Inc.)
HKLM\...\Run: [MemoryCardManager] => C:\Program Files (x86)\Dell Photo AIO Printer 942\memcard.exe [304624 2007-02-28] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-17] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202096 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [PLTSR] => C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-03-16] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [4788840 2018-04-04] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Ryan\...\Run: [Google Update] => C:\Users\Ryan\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-16] (Google Inc.)
HKU\Ryan\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\Ryan\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10290608 2018-02-07] (Piriform Ltd)
HKU\Ryan\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc.)
HKU\Ryan\...\Run: [GoogleChromeAutoLaunch_530306471311B0DB2757A99884EC74AF] => C:\Users\Ryan\AppData\Local\Google\Chrome\Application\chrome.exe [1589592 2018-03-19] (Google Inc.)
HKU\Ryan\...\Run: [Spotify Web Helper] => C:\Users\Ryan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-04-22] (Spotify Ltd)
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-17] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-17] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-12] (Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-04-23] (Dropbox, Inc.)
S2 dlbu_device; C:\windows\system32\dlbucoms.exe [567280 2007-02-28] ( )
S2 dlbu_device; C:\windows\SysWOW64\dlbucoms.exe [538096 2007-02-28] ( )
S2 EgisTec Service Help; C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe [327024 2010-10-22] (Egis Technology Inc. )
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2017-10-16] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [405392 2018-03-26] (McAfee, Inc.)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-17] (AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-13] (AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-13] (AVAST Software)
S0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-13] (AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-13] (AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-17] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-17] (AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-17] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-17] (AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-17] (AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-17] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-17] (AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-17] (AVAST Software)
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
S3 BEHRINGER_2902; C:\Windows\SysWOW64\Drivers\BUSB2902.sys [352256 2009-01-03] (BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\Windows\SysWOW64\drivers\busbwdm.sys [33792 2009-01-03] (BEHRINGER)
S2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2014-08-22] (Highresolution Enterprises [www.highrez.co.uk])
S1 jnprns; C:\Windows\System32\DRIVERS\jnprns.sys [507192 2014-08-20] (Juniper Networks)
S4 jnprTdi_807_50111; C:\windows\system32\Drivers\jnprTdi_807_50111.sys [108344 2014-10-06] (Juniper Networks, Inc.)
S3 jnprva; C:\Windows\System32\DRIVERS\jnprva.sys [30072 2013-10-12] (Juniper Networks, Inc.)
S3 JnprVaMgr; C:\Windows\System32\DRIVERS\jnprvamgr.sys [45352 2013-10-12] (Juniper Networks, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
S3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-10-15] (Cisco Systems, Inc.)
S1 aswbdisk; no ImagePath
S3 BcmSqlStartupSvc; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 CLKMSVC10_3A60B698; no ImagePath
S2 CLKMSVC10_C3B3B687; no ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]
S2 DriverService; no ImagePath
S2 IAStorDataMgrSvc; no ImagePath
S2 iATAgentService; no ImagePath
S2 idealife Update Service; no ImagePath
S3 IGRS; no ImagePath
S2 IviRegMgr; no ImagePath
S3 JNPRNA; system32\DRIVERS\jnprna6.sys [X]
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S2 nvUpdatusService; no ImagePath
S2 Oasis2Service; no ImagePath
S2 PCCarerService; no ImagePath
S2 ReadyComm.DirectRouter; no ImagePath
S2 RichVideo; no ImagePath
S2 RtLedService; no ImagePath
S2 SeaPort; no ImagePath
S2 SoftwareService; no ImagePath
S3 SQLWriter; no ImagePath
S2 Stereo Service; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-02 16:49 - 2018-05-02 16:49 - 000000000 ____D C:\FRST
2018-04-30 00:26 - 2018-04-30 00:26 - 000000000 ____N C:\cd
2018-04-29 17:24 - 2018-04-30 16:16 - 000730952 _____ C:\Windows\ntbtlog.txt
2018-04-29 17:09 - 2018-05-01 19:48 - 412794525 _____ C:\Windows\MEMORY.DMP
2018-04-29 16:11 - 2018-04-29 16:11 - 000000000 __SHD C:\found.001
2018-04-27 18:31 - 2018-04-27 18:31 - 000001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-04-27 18:30 - 2018-04-27 18:30 - 000000000 ____D C:\Program Files\iPod
2018-04-27 18:28 - 2018-04-27 18:30 - 000000000 ____D C:\Program Files\iTunes
2018-04-23 17:44 - 2018-04-23 17:47 - 212937271 _____ C:\Users\Ryan\Downloads\subject01.zip
2018-04-23 02:15 - 2018-04-23 02:15 - 000051024 _____ (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
2018-04-23 02:15 - 2018-04-23 02:15 - 000045672 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-dev.sys
2018-04-23 02:15 - 2018-04-23 02:15 - 000045672 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-canary.sys
2018-04-23 02:15 - 2018-04-23 02:15 - 000045640 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-stable.sys
2018-04-21 04:24 - 2018-04-21 04:25 - 001517742 _____ C:\Users\Ryan\Downloads\115464_0_merged_1524069274.pdf
2018-04-17 16:30 - 2018-03-23 10:50 - 000396952 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2018-04-17 16:30 - 2018-03-23 09:59 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-04-17 16:30 - 2018-03-22 13:32 - 000004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2018-04-17 16:30 - 2018-03-22 13:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-04-17 16:30 - 2018-03-22 13:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2018-04-17 16:30 - 2018-03-22 13:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2018-04-17 16:30 - 2018-03-22 13:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2018-04-17 16:30 - 2018-03-22 12:58 - 000969216 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2018-04-17 16:30 - 2018-03-22 12:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-04-17 16:30 - 2018-03-22 12:52 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-04-17 16:30 - 2018-03-22 12:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-04-17 16:30 - 2018-03-22 12:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-04-17 16:30 - 2018-03-22 12:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-04-17 16:30 - 2018-03-22 12:48 - 000107520 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2018-04-17 16:30 - 2018-03-22 12:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-04-17 16:30 - 2018-03-22 12:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-04-17 16:30 - 2018-03-22 12:43 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-04-17 16:30 - 2018-03-22 12:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-04-17 16:30 - 2018-03-22 12:42 - 000315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2018-04-17 16:30 - 2018-03-22 12:42 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-04-17 16:30 - 2018-03-22 12:41 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-04-17 16:30 - 2018-03-22 12:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2018-04-17 16:30 - 2018-03-22 12:33 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-04-17 16:30 - 2018-03-22 12:29 - 000809472 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2018-04-17 16:30 - 2018-03-22 12:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2018-04-17 16:30 - 2018-03-22 12:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-17 16:30 - 2018-03-22 12:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-04-17 16:30 - 2018-03-22 12:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-04-17 16:30 - 2018-03-22 12:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-04-17 16:30 - 2018-03-22 12:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-04-17 16:30 - 2018-03-22 12:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-04-17 16:30 - 2018-03-22 12:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-04-17 16:30 - 2018-03-22 12:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-04-17 16:30 - 2018-03-22 12:04 - 001545728 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2018-04-17 16:30 - 2018-03-22 11:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-04-17 16:30 - 2018-03-22 11:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-04-17 16:29 - 2018-03-30 18:09 - 005583040 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2018-04-17 16:29 - 2018-03-30 18:09 - 000708288 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2018-04-17 16:29 - 2018-03-30 18:09 - 000262336 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll
2018-04-17 16:29 - 2018-03-30 18:09 - 000154816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2018-04-17 16:29 - 2018-03-30 18:09 - 000095424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2018-04-17 16:29 - 2018-03-30 17:45 - 000631640 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2018-04-17 16:29 - 2018-03-30 17:39 - 004046528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-04-17 16:29 - 2018-03-30 17:39 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-04-17 16:29 - 2018-03-30 17:38 - 001665336 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 001461248 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 001163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000880640 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000731648 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000463872 _____ (Microsoft Corporation) C:\Windows\System32\certcli.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000419840 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000361984 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000316928 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\System32\rpchttp.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000123904 _____ (Microsoft Corporation) C:\Windows\System32\bcrypt.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000094720 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000059904 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000044032 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000034816 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000007168 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:12 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 17:06 - 000148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2018-04-17 16:29 - 2018-03-30 17:06 - 000064512 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2018-04-17 16:29 - 2018-03-30 17:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2018-04-17 16:29 - 2018-03-30 17:06 - 000017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2018-04-17 16:29 - 2018-03-30 17:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2018-04-17 16:29 - 2018-03-30 17:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2018-04-17 16:29 - 2018-03-30 17:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\videoprt.sys
2018-04-17 16:29 - 2018-03-30 16:59 - 000160256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2018-04-17 16:29 - 2018-03-30 16:58 - 000291328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2018-04-17 16:29 - 2018-03-30 16:58 - 000129536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2018-04-17 16:29 - 2018-03-30 16:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2018-04-17 16:29 - 2018-03-30 16:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2018-04-17 16:29 - 2018-03-30 16:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-04-17 16:29 - 2018-03-30 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-04-17 16:29 - 2018-03-30 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-04-17 16:29 - 2018-03-30 16:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-04-17 16:29 - 2018-03-30 16:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-04-17 16:29 - 2018-03-30 16:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 16:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 16:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 16:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-04-17 16:29 - 2018-03-30 16:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-04-17 16:29 - 2018-03-27 23:30 - 003225600 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2018-04-17 16:29 - 2018-03-22 15:00 - 025742336 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2018-04-17 16:29 - 2018-03-22 13:32 - 002724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2018-04-17 16:29 - 2018-03-22 13:19 - 002901504 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2018-04-17 16:29 - 2018-03-22 13:18 - 000066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2018-04-17 16:29 - 2018-03-22 13:17 - 000578048 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2018-04-17 16:29 - 2018-03-22 13:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2018-04-17 16:29 - 2018-03-22 13:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2018-04-17 16:29 - 2018-03-22 13:15 - 005780480 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2018-04-17 16:29 - 2018-03-22 13:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2018-04-17 16:29 - 2018-03-22 13:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2018-04-17 16:29 - 2018-03-22 13:06 - 000794112 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2018-04-17 16:29 - 2018-03-22 13:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2018-04-17 16:29 - 2018-03-22 13:05 - 000814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2018-04-17 16:29 - 2018-03-22 13:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-04-17 16:29 - 2018-03-22 12:55 - 000489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2018-04-17 16:29 - 2018-03-22 12:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-04-17 16:29 - 2018-03-22 12:51 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-04-17 16:29 - 2018-03-22 12:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2018-04-17 16:29 - 2018-03-22 12:45 - 000199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2018-04-17 16:29 - 2018-03-22 12:44 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2018-04-17 16:29 - 2018-03-22 12:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2018-04-17 16:29 - 2018-03-22 12:29 - 015282688 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2018-04-17 16:29 - 2018-03-22 12:27 - 002135552 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2018-04-17 16:29 - 2018-03-22 12:27 - 001359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2018-04-17 16:29 - 2018-03-22 12:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-04-17 16:29 - 2018-03-22 12:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-04-17 16:29 - 2018-03-22 12:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-04-17 16:29 - 2018-03-22 12:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-04-17 16:29 - 2018-03-22 12:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2018-04-17 16:29 - 2018-03-22 12:14 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-04-17 16:29 - 2018-03-22 11:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-04-17 16:29 - 2018-03-22 11:53 - 000800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2018-04-17 16:29 - 2018-03-10 09:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-04-17 16:29 - 2018-03-09 10:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-04-17 16:29 - 2018-03-09 10:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2018-04-17 16:29 - 2018-03-09 10:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-04-17 16:29 - 2018-03-09 10:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-04-17 16:29 - 2018-03-09 10:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-04-17 16:29 - 2018-03-09 10:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-04-17 16:29 - 2018-03-09 10:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\System32\t2embed.dll
2018-04-17 16:29 - 2018-03-09 10:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2018-04-17 16:29 - 2018-03-09 10:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2018-04-17 16:29 - 2018-03-09 10:06 - 000046080 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2018-04-17 16:29 - 2018-03-09 10:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2018-04-17 16:29 - 2018-03-09 09:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-04-17 16:29 - 2018-03-06 10:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-04-17 16:29 - 2018-03-06 10:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-04-17 16:29 - 2018-03-06 10:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-04-17 16:29 - 2018-03-06 10:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\System32\basecsp.dll
2018-04-17 16:29 - 2018-03-06 10:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\System32\scksp.dll
2018-04-17 16:29 - 2018-03-06 10:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\System32\wsnmp32.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-private-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-math-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000019800 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-string-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-convert-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-time-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-2-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-process-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-heap-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-conio-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-utility-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-locale-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-crt-environment-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l2-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-timezone-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l2-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-2-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000066392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000019800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000016216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-04-17 16:29 - 2018-01-25 06:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-04-17 16:22 - 2018-03-14 09:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2018-04-17 16:22 - 2018-03-14 09:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2018-04-17 16:22 - 2018-03-14 05:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\System32\centel.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2018-04-17 16:22 - 2018-03-14 05:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\System32\aepic.dll
2018-04-17 14:14 - 2018-04-17 14:13 - 000376536 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2018-04-05 12:14 - 2018-04-05 12:14 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-04-05 12:14 - 2018-04-05 12:14 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-04-05 12:03 - 2018-04-05 12:03 - 000584560 _____ C:\Users\Ryan\Documents\PMRresearchhelp.pptx
2018-04-05 10:43 - 2018-04-05 10:43 - 000329977 _____ C:\Users\Ryan\Downloads\PMR_Research_Help.pdf
2018-04-03 13:53 - 2018-04-03 13:53 - 000017036 _____ C:\Users\Ryan\Downloads\691-01170-1-6_2018_Jan_21_FF.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-01 19:48 - 2011-09-16 07:51 - 000171390 _____ C:\Windows\System32\fastboot.set
2018-04-29 05:45 - 2014-03-30 18:57 - 000000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-187235433-2376178177-1320971933-1001UA1cf4c8d4e07c7f.job
2018-04-29 05:30 - 2016-01-12 17:06 - 000000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-04-29 05:26 - 2014-10-22 14:40 - 000000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-187235433-2376178177-1320971933-1001UA1cfee4934f1abd9.job
2018-04-29 05:19 - 2011-09-16 07:47 - 000000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2018-04-29 04:25 - 2009-07-13 21:13 - 000805012 _____ C:\Windows\System32\PerfStringBackup.INI
2018-04-29 04:25 - 2009-07-13 19:20 - 000000000 ____D C:\Windows\inf
2018-04-29 04:22 - 2009-07-13 20:45 - 000028928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-29 04:22 - 2009-07-13 20:45 - 000028928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-26 15:08 - 2017-08-30 14:23 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-04-25 17:21 - 2011-11-11 12:08 - 000000000 ____D C:\Users\Ryan\AppData\Local\Spotify
2018-04-25 17:20 - 2011-11-11 12:08 - 000000000 ____D C:\Users\Ryan\AppData\Roaming\Spotify
2018-04-25 16:55 - 2017-07-14 04:33 - 000003416 _____ C:\Windows\System32\Tasks\Apple Diagnostics
2018-04-24 16:36 - 2016-01-12 17:06 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-04-23 18:04 - 2016-04-04 16:09 - 000000000 _____ C:\Users\Ryan\.jline-jython.history
2018-04-23 18:04 - 2016-04-04 15:50 - 000000000 ____D C:\OpenSim 3.3
2018-04-23 17:09 - 2018-01-18 06:27 - 000000000 ____D C:\Users\Ryan\Desktop\Simulation data
2018-04-23 14:45 - 2014-05-08 13:49 - 000000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-187235433-2376178177-1320971933-1001Core1cf6b07640be4a1.job
2018-04-23 14:30 - 2016-01-12 17:06 - 000000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-04-22 11:49 - 2013-07-17 06:23 - 000000000 ____D C:\Program Files (x86)\Java
2018-04-22 11:45 - 2015-07-15 03:17 - 000098760 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-04-22 11:01 - 2009-07-13 21:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-22 11:00 - 2009-07-13 20:45 - 000412424 _____ C:\Windows\System32\FNTCACHE.DAT
2018-04-22 10:50 - 2014-12-11 14:42 - 000000000 ____D C:\Windows\System32\appraiser
2018-04-19 17:47 - 2013-07-19 04:39 - 000000000 ____D C:\Windows\System32\MRT
2018-04-19 13:58 - 2017-10-12 14:22 - 136971704 ____C (Microsoft Corporation) C:\Windows\System32\MRT-KB890830.exe
2018-04-19 13:58 - 2011-11-12 03:36 - 136971704 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2018-04-18 18:09 - 2016-01-12 17:09 - 000000000 ___RD C:\Users\Ryan\Dropbox (Personal)
2018-04-17 16:31 - 2012-04-12 05:12 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-17 16:30 - 2017-04-09 12:01 - 000004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-17 16:30 - 2012-04-12 05:12 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-17 16:30 - 2012-02-26 14:11 - 000000000 ____D C:\Windows\System32\Macromed
2018-04-17 16:30 - 2011-11-22 13:22 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-17 16:29 - 2011-09-16 07:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-17 14:33 - 2018-03-14 13:59 - 000004458 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-04-17 14:18 - 2017-03-17 17:46 - 000147224 _____ (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2018-04-17 14:18 - 2017-03-17 17:46 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-17 14:13 - 2017-11-09 15:06 - 000196640 _____ (AVAST Software) C:\Windows\System32\Drivers\aswArPot.sys
2018-04-17 14:13 - 2017-03-17 17:46 - 000460520 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2018-04-17 14:13 - 2017-03-17 17:46 - 000380528 _____ (AVAST Software) C:\Windows\System32\Drivers\aswVmm.sys
2018-04-17 14:13 - 2017-03-17 17:46 - 000205976 _____ (AVAST Software) C:\Windows\System32\Drivers\aswStm.sys
2018-04-17 14:13 - 2017-03-17 17:46 - 000111352 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2018-04-17 14:13 - 2017-03-17 17:46 - 000084368 _____ (AVAST Software) C:\Windows\System32\Drivers\aswRvrt.sys
2018-04-17 14:13 - 2017-03-17 17:46 - 000046968 _____ (AVAST Software) C:\Windows\System32\Drivers\aswHwid.sys
2018-04-17 14:10 - 2017-03-17 17:46 - 001026696 _____ (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2018-04-17 14:09 - 2017-12-21 10:36 - 000227784 _____ (AVAST Software) C:\Windows\System32\Drivers\aswHdsKe.sys
2018-04-05 10:02 - 2012-05-20 10:18 - 000000000 ____D C:\Users\Ryan\AppData\Roaming\Skype
2018-04-05 09:33 - 2018-01-03 18:33 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
 
Some files in TEMP:
====================
2018-03-23 11:30 - 2018-03-20 13:27 - 000060080 _____ (Zoom Video Communications, Inc.) C:\Users\Ryan\AppData\Local\Temp\CptInstall.exe
2018-03-23 11:30 - 2018-03-20 13:27 - 000171696 _____ (Zoom Video Communications, Inc.) C:\Users\Ryan\AppData\Local\Temp\CptShare.dll
2018-01-18 06:35 - 2018-04-23 18:04 - 000048128 ____N () C:\Users\Ryan\AppData\Local\Temp\jline_.dll
2018-04-22 11:44 - 2018-04-22 11:44 - 001884616 _____ (Oracle Corporation) C:\Users\Ryan\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-04-23 14:51 - 2018-04-23 14:51 - 004299968 _____ (Don HO don.h@free.fr) C:\Users\Ryan\AppData\Local\Temp\npp.7.5.6.Installer.exe
2018-03-23 11:30 - 2018-03-20 13:27 - 000089264 _____ () C:\Users\Ryan\AppData\Local\Temp\zCrashReport.dll
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe
[2018-01-08 17:09] - [2017-12-31 17:50] - 000455680 _____ (Microsoft Corporation) 11D6A262B617130F7C16E308C12E0D41
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2018-01-08 17:09] - [2017-12-31 18:18] - 000512000 _____ (Microsoft Corporation) BA6C9EE518A11DA4AD061B223EBED3D3
 
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 17%
Total physical RAM: 4010.14 MB
Available physical RAM: 3310.2 MB
Total Virtual: 4008.34 MB
Available Virtual: 3301.39 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:254.14 GB) (Free:81.13 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.78 GB) NTFS
Drive g: () (Removable) (Total:0.96 GB) (Free:0.95 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS ==>[system with boot components (obtained from drive)]
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: DF63B5BD)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
 
========================================================
Disk: 1 (Size: 983 MB) (Disk ID: 3B5DDE86)
Partition 1: (Active) - (Size=983 MB) - (Type=0C)
 
LastRegBack: 2018-03-21 15:12
 
==================== End of FRST.txt ============================

Edited by britechguy, 03 May 2018 - 06:34 PM.
Moved from BSOD forum


BC AdBot (Login to Remove)

 


#2 polskamachina

polskamachina

  • Malware Response Team
  • 4,071 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 AM

Posted 05 May 2018 - 12:10 AM

Hi JimBrody :)

My name is polskamachina and I would like to :welcome: you to the Malware Removal Forum. I will be helping you with your malware issues.

What follows below are some ground rules for this forum.
 
I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-7 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine. Running any additional tools may detect false positives, interfere with our tools, cause unforeseen damage, or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text into your replies to me.
  • I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
  • NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
  • NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Let's begin. Please answer the following:

  • When was the last time your computer booted successfully?
  • Do you get a BSOD? If so, what is the reported error and/or message?
  • After you power on your computer, do you see anything resembling a normal boot before things go awry? For example, do you see the screen that says Windows is loading?

Let me know if you have any questions.
 
polskamachina



#3 polskamachina

polskamachina

  • Malware Response Team
  • 4,071 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 AM

Posted 08 May 2018 - 12:31 AM

Hi JimBrody :)

 

It's been a while since you've checked in. Did you need any more help with this? If not, this topic will be closed in 48 hours.
 
Please let me know if you have any questions.
 
polskamachina



#4 polskamachina

polskamachina

  • Malware Response Team
  • 4,071 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:58 AM

Posted 10 May 2018 - 02:50 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users