Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

combofix results analysis


  • This topic is locked This topic is locked
5 replies to this topic

#1 iagargurevich18

iagargurevich18

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 24 June 2018 - 12:01 AM

I have ran combofix software on my PC to find leftover malware etc....

I need some help in analyzing the results if additional removal needs to be performed.

 

My PC is Alienware Aurora R3 win 7 64 bit.

 

Is there any results on the file to be considered as malware or infection

 

I seem to have numerous locked Keys ???

 

Ivan_gargurevich @yahoo.com

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,541 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:23 AM

Posted 24 June 2018 - 08:32 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs for my review.

Let me know why you have executed ComboFix.

Wait for further instructions.

#3 iagargurevich18

iagargurevich18
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 24 June 2018 - 01:22 PM

Thank you so much for your assistant of course. Your advice is most welcomed.

 

Alienware Aurora R3 win 7 Home Premium 64 bit.

 

 

I have executed combofix because I seemed to be having recurring problems with internet explorer 11 performance and also sometimes upon reboot a long lasting black screen.

 

FFRST Note Pad Text Copy (run on 06 24 2018):

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by ivan (administrator) on ENGINEERING (24-06-2018 11:07:08)
Running from C:\Users\ivan\Desktop
Loaded Profiles: ivan (Available Profiles: ivan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\DSAPI.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\pcdrwi.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(IPVanish) C:\Program Files\IPVanish VPN\IPVanish.VpnClient.exe
(The OpenVPN Project) C:\Program Files\IPVanish VPN\OpenVPN\ipvanish.openvpn.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3784400 2018-06-08] (Malwarebytes)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-18] (Alienware)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-10] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-4183597289-645686457-369926866-1000\...\Policies\system: [DisableLockWorkstation] 0
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL: EldosMountNotificator-cbfs6 - {F213F255-CF0A-44BE-829E-78EDF70FAC1A} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {F213F255-CF0A-44BE-829E-78EDF70FAC1A} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{34629004-74FB-499D-864B-39279E66DCC6}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{3CEBA230-997F-48B2-9284-1F9A1F7B7214}: [NameServer] 156.154.70.1,156.154.71.22
Tcpip\..\Interfaces\{3CEBA230-997F-48B2-9284-1F9A1F7B7214}: [DhcpNameServer] 209.18.47.61 209.18.47.62 209.18.47.63

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4183597289-645686457-369926866-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4183597289-645686457-369926866-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4183597289-645686457-369926866-1000 -> {FFA20B43-571C-494F-B827-B627EB505D60} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-11] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-11] (Oracle Corporation)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {3CBA13C3-58C7-47F1-9758-D4B255A50D51} hxxp://www.engin.umich.edu/~cre/fogler&gurmen/html/search/ses_ocx/sessearch.ocx
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1529369567015
DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.4.1.5521329\npmathplugin.dll [2016-04-24] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
StartMenuInternet: firefox.exe - firefox.exe

Chrome:
=======
CHR RestoreOnStartup: Default -> "hxxps:\/\/search.yahoo.com\/?fr=vmn&type=auslog_ya_hp"
CHR Profile: C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default [2018-06-23]
CHR Extension: (Slides) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-08]
CHR Extension: (Docs) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-08]
CHR Extension: (Google Drive) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Google Search) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Sheets) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-21]
CHR Extension: (Gmail) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-27]
CHR Extension: (Chrome Media Router) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2018-02-11] (SUPERAntiSpyware.com)
S4 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [23040 2015-02-22] (Amazon.com) [File not signed]
S3 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation) [File not signed]
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\DSAPI.exe [935232 2018-06-15] (PC-Doctor, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S3 DMDefragService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [1147040 2012-08-24] (PC Tools)
S3 DMRepairService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [1134240 2012-08-24] (PC Tools)
S3 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9872688 2018-06-16] (EnigmaSoft Limited)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Inc.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-16] (NVIDIA Corporation)
S4 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4367824 2018-01-18] (SecureMix LLC)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 msftesql$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [91992 2010-03-26] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S4 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-16] (NVIDIA Corporation)
S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-16] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-16] (NVIDIA Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-24] (PC Tools)
S4 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-08-15] (Nuance Communications, Inc.)
S3 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [538416 2018-06-16] (EnigmaSoft Limited)
S4 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [163680 2017-06-15] (Sophos Limited)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-20] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45528 2018-06-05] (Dell Inc.)
S3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc.)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S4 avgntflt; C:\Windows\SysWOW64\DRIVERS\avgntflt.sys [171752 2016-08-18] (Avira Operations GmbH & Co. KG)
S4 avipbb; C:\Windows\SysWOW64\DRIVERS\avipbb.sys [145984 2016-08-18] (Avira Operations GmbH & Co. KG)
S4 avkmgr; C:\Windows\SysWOW64\DRIVERS\avkmgr.sys [28600 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [31576 2018-02-15] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [50520 2018-02-15] (Toolwiz.com)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-21] (/n software, Inc.)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2014\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S4 ctsvgn; no ImagePath
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [34504 2013-12-16] (Windows ® Win 7 DDK provider)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
S3 DrmCAudio; C:\Windows\System32\drivers\DrmCAudio.sys [34504 2013-12-16] (Windows ® Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-10-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-10-04] (Disc Soft Ltd)
R1 epp; C:\EEK\bin64\epp.sys [142448 2018-04-27] (Emsisoft Ltd)
R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [33248 2015-05-28] (SecureMix LLC)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
S4 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-10-17] (REALiX™)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [51544 2018-02-15] (Toolwiz.com)
S4 kxqcsx; no ImagePath
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-17] (NVIDIA Corporation)
S4 ofvpmj; no ImagePath
S4 pefxbo; no ImagePath
S4 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S4 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S4 rqkdql; no ImagePath
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-10-07] (Audials AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [158024 2014-12-02] (MCCI Corporation)
R3 tapipvanish; C:\Windows\System32\DRIVERS\tapipvanish.sys [34520 2016-09-23] (The OpenVPN Project)
S4 tljkva; no ImagePath
S4 uezndl; no ImagePath
S4 uotote; no ImagePath
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows ® Codename Longhorn DDK provider)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2016-09-06] (VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2016-09-02] (VMware, Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-02-18] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-02-19] (Zemana Ltd.)
S4 aswVmm; \??\C:\Users\ivan\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 cpuz134; \??\C:\Users\ivan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION
S4 dbx; system32\DRIVERS\dbx.sys [X]
S4 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-24 00:19 - 2018-06-24 00:20 - 000000000 ____D C:\Users\ivan\My Documents\engineering genetic circuits
2018-06-23 21:06 - 2018-06-23 21:06 - 000035537 _____ C:\ComboFix.txt
2018-06-23 20:42 - 2018-06-23 21:06 - 000000000 ____D C:\Qoobox
2018-06-23 20:42 - 2011-06-25 23:45 - 000256000 _____ C:\Windows\PEV.exe
2018-06-23 20:42 - 2010-11-07 10:20 - 000208896 _____ C:\Windows\MBR.exe
2018-06-23 20:42 - 2009-04-19 21:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000098816 _____ C:\Windows\sed.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000080412 _____ C:\Windows\grep.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000068096 _____ C:\Windows\zip.exe
2018-06-23 20:40 - 2018-06-23 20:40 - 005660124 ____R (Swearware) C:\Users\ivan\Desktop\ComboFix.exe
2018-06-23 20:39 - 2018-06-23 22:02 - 000000514 _____ C:\Users\ivan\Desktop\BleepingComputer.website
2018-06-23 19:12 - 2018-06-23 19:12 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Wise Euask
2018-06-23 09:42 - 2018-06-23 09:42 - 000000000 ____D C:\Users\ivan\My Documents\scalacs dr keys obituary
2018-06-22 05:25 - 2018-06-22 05:27 - 000000000 ____D C:\Users\ivan\My Documents\Amnest International Request for Legal Conusel
2018-06-22 04:57 - 2018-06-22 05:04 - 000392032 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-21 00:41 - 2018-06-21 00:41 - 000000730 _____ C:\Users\ivan\Desktop\4 Repair Utilities to Fix the Majority of Known Windows Problems • Raymond.CC.website
2018-06-20 15:50 - 2018-06-20 15:50 - 000000934 _____ C:\Users\ivan\Desktop\Anti Hacker.lnk
2018-06-20 15:50 - 2018-06-20 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti Hacker
2018-06-20 15:50 - 2018-06-20 15:50 - 000000000 ____D C:\Program Files (x86)\Anti Hacker
2018-06-20 15:13 - 2018-06-20 15:13 - 000002883 _____ C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2018-06-20 15:13 - 2018-06-20 15:13 - 000000000 ____D C:\Program Files (x86)\Windows Installer Clean Up
2018-06-20 15:05 - 2018-06-20 15:12 - 000000000 ____D C:\Program Files (x86)\windows installer clean up utility 7.2
2018-06-20 14:27 - 2018-06-20 14:27 - 000050615 _____ C:\Users\ivan\Desktop\appcrashview.zip
2018-06-20 12:25 - 2018-06-24 11:07 - 000023089 _____ C:\Users\ivan\Desktop\FRST.txt
2018-06-19 11:06 - 2015-06-16 23:48 - 000937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-06-19 11:06 - 2015-06-16 23:03 - 000571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-06-19 02:35 - 2018-06-19 02:35 - 001061808 _____ (My Privacy Tools, Inc. ) C:\Users\ivan\Desktop\antihacker.exe
2018-06-19 00:21 - 2010-03-22 13:57 - 000347680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-06-19 00:21 - 2010-01-05 19:39 - 000107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2018-06-18 18:11 - 2018-06-18 18:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-06-18 18:06 - 2018-06-18 18:13 - 000000000 ____D C:\9a6b4d8996406514826e9d
2018-06-17 14:47 - 2018-06-17 14:47 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-17 13:53 - 2018-06-17 13:53 - 000892416 _____ (Farbar) C:\Users\ivan\Downloads\MiniToolBox.exe
2018-06-16 22:42 - 2018-06-16 22:42 - 000000000 ____D C:\ProgramData\Firewall_Scanner
2018-06-16 22:42 - 2018-06-16 22:42 - 000000000 ____D C:\LOG
2018-06-16 16:48 - 2018-06-16 20:10 - 000001246 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2018-06-16 16:48 - 2018-06-16 16:48 - 000000000 ____D C:\sh5ldr
2018-06-16 16:48 - 2018-06-16 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2018-06-16 16:48 - 2018-06-16 16:48 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2018-06-16 16:47 - 2018-06-16 16:47 - 000000000 ____D C:\Program Files\EnigmaSoft
2018-06-16 10:27 - 2018-06-16 10:27 - 000001359 _____ C:\Users\ivan\My Documents\Recruiter Army statement.txt
2018-06-15 13:56 - 2018-06-15 13:56 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-06-15 13:56 - 2018-06-15 13:56 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-06-15 13:56 - 2018-06-15 13:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-06-15 13:32 - 2018-06-15 13:32 - 000000000 ____D C:\found.001
2018-06-15 13:17 - 2018-06-15 13:17 - 000003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-06-15 13:17 - 2018-06-15 13:17 - 000002160 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-06-15 13:17 - 2018-06-15 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-06-14 20:25 - 2018-06-14 20:25 - 000735680 _____ C:\Users\ivan\Downloads\435049_intl_x64_zip.exe
2018-06-14 18:20 - 2018-06-14 18:20 - 000003120 _____ C:\Windows\System32\Tasks\{FDEBAADE-044A-4E61-8ABC-237E0081C19D}
2018-06-13 15:33 - 2018-06-13 15:33 - 000000000 ____D C:\found.000
2018-06-13 14:15 - 2018-06-24 11:07 - 000060912 _____ C:\Windows\ZAM.krnl.trace
2018-06-13 14:15 - 2018-06-24 11:07 - 000028603 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-06-13 08:09 - 2018-05-29 13:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 08:09 - 2018-05-29 12:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 08:09 - 2018-05-28 19:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 08:09 - 2018-05-28 19:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 08:09 - 2018-05-28 19:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 08:09 - 2018-05-28 19:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-13 08:09 - 2018-05-28 19:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-13 08:09 - 2018-05-28 19:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-13 08:09 - 2018-05-28 19:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-13 08:09 - 2018-05-28 19:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-13 08:09 - 2018-05-28 19:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-13 08:09 - 2018-05-28 19:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-13 08:09 - 2018-05-28 19:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-13 08:09 - 2018-05-28 19:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-13 08:09 - 2018-05-28 19:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-13 08:09 - 2018-05-28 18:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-13 08:09 - 2018-05-28 18:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-13 08:09 - 2018-05-28 18:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-13 08:09 - 2018-05-28 18:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-13 08:09 - 2018-05-28 18:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-13 08:09 - 2018-05-28 18:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-13 08:09 - 2018-05-28 18:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-13 08:09 - 2018-05-28 17:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 08:09 - 2018-05-24 22:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 08:09 - 2018-05-24 21:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-13 08:09 - 2018-05-24 21:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-13 08:09 - 2018-05-24 21:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 08:09 - 2018-05-24 21:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-13 08:09 - 2018-05-24 21:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 08:09 - 2018-05-24 21:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-13 08:09 - 2018-05-24 21:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-13 08:09 - 2018-05-24 21:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-13 08:09 - 2018-05-24 21:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 08:09 - 2018-05-24 21:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-13 08:09 - 2018-05-24 21:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-13 08:09 - 2018-05-24 21:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 08:09 - 2018-05-24 21:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-13 08:09 - 2018-05-24 21:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 08:09 - 2018-05-24 21:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 08:09 - 2018-05-24 21:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-13 08:09 - 2018-05-24 21:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-13 08:09 - 2018-05-24 21:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-13 08:09 - 2018-05-24 21:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-13 08:09 - 2018-05-24 21:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-13 08:09 - 2018-05-24 21:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 08:09 - 2018-05-24 21:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-13 08:09 - 2018-05-24 21:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-13 08:09 - 2018-05-24 21:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-13 08:09 - 2018-05-24 21:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-13 08:09 - 2018-05-24 21:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-13 08:09 - 2018-05-24 21:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-13 08:09 - 2018-05-24 21:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-13 08:09 - 2018-05-24 21:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 08:09 - 2018-05-24 21:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-13 08:09 - 2018-05-24 21:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 08:09 - 2018-05-24 21:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-13 08:09 - 2018-05-24 21:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 08:09 - 2018-05-24 21:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-13 08:09 - 2018-05-24 21:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-13 08:09 - 2018-05-24 21:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 08:09 - 2018-05-24 21:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-13 08:09 - 2018-05-24 21:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 08:09 - 2018-05-24 21:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-13 08:09 - 2018-05-24 20:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-13 08:09 - 2018-05-24 20:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 08:09 - 2018-05-24 20:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 08:09 - 2018-05-24 20:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 08:09 - 2018-05-24 20:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 08:09 - 2018-05-24 20:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 08:09 - 2018-05-24 20:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-13 08:09 - 2018-05-24 20:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-13 08:09 - 2018-05-24 20:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-13 08:09 - 2018-05-24 20:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-13 08:09 - 2018-05-24 20:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-13 08:09 - 2018-05-24 20:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 08:09 - 2018-05-24 20:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 08:09 - 2018-05-24 20:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-13 08:09 - 2018-05-24 20:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 08:09 - 2018-05-24 20:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 08:09 - 2018-05-24 20:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 08:09 - 2018-05-24 20:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 08:09 - 2018-05-24 20:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 08:09 - 2018-05-24 20:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 08:09 - 2018-05-24 20:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-13 08:09 - 2018-05-24 20:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 08:09 - 2018-05-24 20:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 08:09 - 2018-05-24 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 08:09 - 2018-05-24 20:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 08:09 - 2018-05-24 20:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 08:09 - 2018-05-14 21:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 08:09 - 2018-05-14 20:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 08:09 - 2018-05-14 20:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 08:09 - 2018-05-14 20:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 08:09 - 2018-05-14 20:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-13 08:09 - 2018-05-14 20:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-13 08:09 - 2018-05-14 20:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-13 08:09 - 2018-05-14 20:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 08:09 - 2018-05-14 20:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 08:09 - 2018-05-14 20:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 08:09 - 2018-05-14 20:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-13 08:09 - 2018-05-14 20:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-13 08:09 - 2018-05-14 20:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-13 08:09 - 2018-05-14 18:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 08:09 - 2018-05-14 18:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 08:09 - 2018-05-11 19:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-13 08:09 - 2018-05-11 19:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 08:09 - 2018-05-11 19:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-13 08:09 - 2018-05-11 14:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 08:09 - 2018-05-11 14:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-13 08:09 - 2018-05-11 14:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-13 08:09 - 2018-05-10 17:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 08:09 - 2018-05-10 17:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 08:09 - 2018-05-10 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-13 08:09 - 2018-04-06 09:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 08:09 - 2018-04-06 09:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-12 19:07 - 2018-06-22 05:31 - 000000000 ____D C:\Users\ivan\My Documents\Rutherford organization constitutional 061218
2018-06-11 03:47 - 2018-06-15 01:45 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2018-06-11 03:47 - 2018-06-15 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2018-06-11 03:47 - 2018-06-11 03:47 - 000001313 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2018-06-11 03:47 - 2018-06-11 03:47 - 000000000 ____D C:\ProgramData\Foxit Software
2018-06-11 03:46 - 2018-06-11 03:46 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2018-06-11 02:52 - 2018-06-15 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-11 02:52 - 2018-06-11 02:52 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Sun
2018-06-11 02:52 - 2018-06-11 02:51 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-06-11 02:50 - 2018-06-11 02:50 - 000000000 ____D C:\Program Files\Java
2018-06-11 00:19 - 2018-06-11 00:19 - 000003272 _____ C:\Windows\System32\Tasks\{38D4E838-B48D-41AC-AAA6-02EA4C71CA23}
2018-06-10 07:58 - 2018-06-15 01:43 - 000000000 ____D C:\Users\TEMP
2018-06-10 07:58 - 2018-06-10 08:29 - 000001044 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-06-10 07:58 - 2018-06-10 07:58 - 000095432 _____ C:\Users\TEMP\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-10 07:58 - 2018-06-10 07:58 - 000002217 _____ C:\Users\TEMP\Desktop\Google Chrome.lnk
2018-06-10 07:58 - 2018-06-10 07:58 - 000000020 ___SH C:\Users\TEMP\ntuser.ini
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\SoftThinks
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2018-06-10 07:58 - 2015-09-20 07:10 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Media Center Programs
2018-06-10 07:58 - 2012-02-10 10:30 - 000000000 ____D C:\Users\TEMP\AppData\Local\Western Digital
2018-06-07 17:56 - 2018-06-07 17:56 - 000093231 _____ C:\Users\ivan\My Documents\Bank Of America Account Closing Hacking 3215.pdf
2018-06-06 14:54 - 2018-06-06 14:54 - 000000043 _____ C:\Windows\gswin32.ini
2018-06-05 13:02 - 2018-06-15 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-05 13:02 - 2018-06-08 06:56 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-04 13:17 - 2018-06-04 13:17 - 000000000 ____D C:\Users\Public\Foxit Software
2018-06-04 13:17 - 2018-06-04 13:17 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Foxit AgentInformation
2018-06-04 13:16 - 2018-06-11 03:47 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Foxit Software
2018-06-04 12:42 - 2018-06-11 04:17 - 000000311 _____ C:\Users\ivan\.EjsConsole.txt
2018-06-04 12:33 - 2018-06-11 00:43 - 000000371 _____ C:\Users\ivan\.Ejs.txt
2018-06-04 12:33 - 2018-06-11 00:43 - 000000000 ____D C:\Users\ivan\.Ejs.tmp
2018-06-03 00:23 - 2018-06-03 00:23 - 000087021 _____ C:\Users\ivan\My Documents\Knife Tactical survival 325s billing 060218.pdf
2018-06-02 15:51 - 2018-06-02 15:51 - 000193663 _____ C:\Users\ivan\My Documents\spyhunter renewal bill 060218.pdf
2018-06-01 15:37 - 2018-06-01 15:37 - 000096364 _____ C:\Users\ivan\My Documents\striker knife fight fast 060118 billing.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-24 11:06 - 2016-12-19 07:14 - 000000000 ____D C:\FRST
2018-06-24 09:37 - 2018-02-10 08:09 - 000000000 ____D C:\Program Files\IPVanish VPN
2018-06-24 08:29 - 2009-07-13 21:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-24 08:29 - 2009-07-13 21:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-24 08:19 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-24 00:47 - 2018-04-30 22:07 - 000000000 ____D C:\Users\ivan\My Documents\Library Part VI 041418
2018-06-23 20:55 - 2009-07-13 19:34 - 000000227 _____ C:\Windows\system.ini
2018-06-23 20:50 - 2009-07-13 19:34 - 125304832 _____ C:\Windows\system32\config\software.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 043778048 _____ C:\Windows\system32\config\system.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 001572864 _____ C:\Windows\system32\config\default.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 000061440 _____ C:\Windows\system32\config\sam.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 000032768 _____ C:\Windows\system32\config\security.bak
2018-06-23 20:49 - 2014-03-22 12:31 - 000000000 ____D C:\Windows\erdnt
2018-06-23 19:58 - 2016-03-23 02:29 - 000000000 ____D C:\Program Files\Recuva
2018-06-23 19:14 - 2012-12-27 14:25 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-06-23 19:13 - 2015-01-09 00:30 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Wise Disk Cleaner
2018-06-23 18:32 - 2018-04-30 20:46 - 000000000 ____D C:\Users\ivan\My Documents\Calibre Library
2018-06-23 16:28 - 2012-12-28 20:49 - 000000000 ____D C:\Users\ivan\My Documents\Letter of Recomendations
2018-06-23 15:55 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-23 13:29 - 2012-01-01 10:45 - 000000000 ____D C:\Users\ivan\My Documents\CCleaner Backup
2018-06-23 12:52 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-06-23 12:27 - 2014-09-12 14:33 - 000000000 ____D C:\Users\ivan\My Documents\Newspaper Articles Commentaries News
2018-06-23 12:27 - 2012-12-31 16:21 - 000000000 ____D C:\Users\ivan\AppData\Roaming\PrimoPDF
2018-06-22 23:13 - 2018-04-27 07:14 - 000000000 ____D C:\EEK
2018-06-21 16:51 - 2018-04-26 09:36 - 000000629 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-06-21 09:49 - 2012-01-05 21:01 - 000000000 ____D C:\Calnetix Aspen Spreadsht Simulations
2018-06-21 09:49 - 2012-01-01 12:07 - 000000017 ____H C:\Windows\SysWOW64\servdat.slm
2018-06-21 09:37 - 2012-01-01 12:07 - 000000219 _____ C:\Windows\SysWOW64\lsprst7.tgz
2018-06-20 20:57 - 2011-12-31 17:35 - 000000000 ____D C:\Users\ivan
2018-06-20 15:12 - 2012-01-02 20:42 - 000000000 ____D C:\Program Files (x86)\MSECache
2018-06-20 08:18 - 2014-12-10 00:01 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-20 07:53 - 2016-12-19 07:12 - 002412544 _____ (Farbar) C:\Users\ivan\Desktop\FRST64.exe
2018-06-20 07:51 - 2016-10-17 05:09 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-06-20 06:17 - 2013-06-14 17:48 - 000000000 ____D C:\Users\ivan\AppData\Local\ElevatedDiagnostics
2018-06-19 13:50 - 2018-04-27 12:55 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-06-19 11:43 - 2018-02-06 21:53 - 000000000 ____D C:\Users\ivan\My Documents\Library Part V 102417
2018-06-19 11:38 - 2014-03-24 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-19 11:33 - 2012-01-08 12:27 - 000000000 ____D C:\ProgramData\TEMP
2018-06-19 11:32 - 2009-07-13 22:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-06-19 11:11 - 2014-11-29 18:38 - 000000000 ____D C:\Users\ivan\Desktop\virus removal and tools
2018-06-19 11:06 - 2013-11-14 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-06-19 11:06 - 2011-04-25 18:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-19 11:06 - 2011-04-25 17:01 - 000000000 ____D C:\Temp
2018-06-19 11:05 - 2011-04-25 18:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-19 11:05 - 2011-04-25 16:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-19 08:02 - 2011-04-25 19:16 - 000000000 ____D C:\Windows\Panther
2018-06-19 00:41 - 2011-12-31 17:35 - 000000000 ____D C:\Users\ivan\AppData\Local\SoftThinks
2018-06-19 00:02 - 2011-04-25 17:01 - 000000000 ____D C:\Program Files (x86)\AlienRespawn
2018-06-18 18:30 - 2012-01-01 12:05 - 000000000 ____D C:\Users\ivan\AppData\Roaming\DAEMON Tools Lite
2018-06-18 17:58 - 2012-01-01 11:14 - 000000000 ____D C:\Software Download Files
2018-06-18 17:50 - 2012-01-01 11:05 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-06-18 15:49 - 2009-07-13 22:13 - 000966584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-18 15:02 - 2012-01-01 11:08 - 000917032 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-06-18 15:01 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\registration
2018-06-18 09:38 - 2012-01-05 22:40 - 000000000 ____D C:\SO2 Caustic Scrubber
2018-06-18 08:29 - 2009-07-13 19:34 - 000017618 _____ C:\Windows\system32\Drivers\etc\services
2018-06-18 08:11 - 2014-02-26 10:15 - 000000000 ____D C:\Users\ivan\AppData\Roaming\AnvSoft
2018-06-18 08:10 - 2016-01-08 14:42 - 000000580 _____ C:\Users\ivan\Desktop\Casio unveils smart watch for the outdoors.website
2018-06-17 23:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2018-06-17 17:11 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-06-17 15:51 - 2016-03-19 15:33 - 000001415 _____ C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-06-17 14:51 - 2013-11-14 15:29 - 000000000 ____D C:\Windows\system32\MRT
2018-06-17 14:47 - 2012-02-05 08:37 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-17 13:56 - 2018-02-08 07:52 - 000000000 ____D C:\Users\ivan\Desktop\Process Monitors
2018-06-16 09:32 - 2014-03-21 07:35 - 000000000 ____D C:\Users\ivan\AppData\Local\CrashDumps
2018-06-15 13:56 - 2015-01-09 05:36 - 000095432 _____ C:\Users\ivan\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-15 13:56 - 2012-12-27 09:02 - 000001945 _____ C:\Windows\epplauncher.mif
2018-06-15 13:44 - 2013-03-03 11:19 - 000000000 ____D C:\e-ExMa
2018-06-15 13:38 - 2015-12-12 06:06 - 000000000 ____D C:\ProgramData\PCDr
2018-06-15 13:17 - 2018-02-05 09:46 - 000000000 ____D C:\ProgramData\SupportAssist
2018-06-15 11:57 - 2015-02-21 17:36 - 000000576 _____ C:\Users\ivan\Desktop\Create an XP Mode for Windows 7 Home Versions & Vista.website
2018-06-15 08:34 - 2016-03-10 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2018-06-15 08:33 - 2016-09-20 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2018-06-15 08:33 - 2016-09-14 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Port Scanner v2
2018-06-15 08:33 - 2016-05-04 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBMonitor
2018-06-15 08:33 - 2016-05-02 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NADetector
2018-06-15 08:33 - 2016-05-02 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoteDeviceExplorer
2018-06-15 08:33 - 2016-05-02 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetworkProcMonitor
2018-06-15 08:33 - 2016-01-30 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePortScanner
2018-06-15 08:33 - 2014-11-29 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeSysInfo
2018-06-15 08:33 - 2014-11-29 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BhoScanner
2018-06-15 08:33 - 2014-11-29 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoteServiceMonitoring
2018-06-15 08:33 - 2014-10-15 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schrodinger-2013-1
2018-06-15 08:33 - 2014-03-22 00:28 - 000000000 ____D C:\Program Files\HitmanPro
2018-06-15 08:33 - 2014-02-26 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-06-15 08:33 - 2013-11-21 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Mathcad
2018-06-15 08:33 - 2012-12-30 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2018-06-15 08:33 - 2012-12-27 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2018-06-15 08:33 - 2012-12-27 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Utilities
2018-06-15 08:33 - 2012-12-27 06:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegAuditor
2018-06-15 08:33 - 2012-08-13 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polymath Software
2018-06-15 08:33 - 2012-08-11 14:37 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2018-06-15 08:33 - 2012-05-26 03:20 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REFPROP
2018-06-15 08:33 - 2012-01-01 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenBabel 2.3.1
2018-06-15 08:33 - 2012-01-01 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-06-15 08:32 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\Msdtc
2018-06-15 01:55 - 2012-01-01 08:30 - 000000000 ____D C:\Windows\{B251C9DD-FCEA-4039-966F-B989C65D2302}
2018-06-15 01:55 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\ias
2018-06-15 01:54 - 2016-10-13 09:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-06-15 01:54 - 2016-03-05 15:26 - 000000000 ____D C:\Windows\system32\STRING
2018-06-15 01:54 - 2016-03-04 16:32 - 000000000 ____D C:\Windows\SysWOW64\shared
2018-06-15 01:54 - 2016-03-04 16:30 - 000000000 ____D C:\Windows\SysWOW64\chdl
2018-06-15 01:54 - 2015-07-31 16:40 - 000000000 ____D C:\Windows\PIXTRAN
2018-06-15 01:54 - 2014-10-15 14:43 - 000000000 ____D C:\Windows\SysWOW64\instcheck-engineering-diagnostics
2018-06-15 01:54 - 2014-03-15 15:09 - 000000000 ____D C:\Windows\en
2018-06-15 01:54 - 2014-02-26 09:33 - 000000000 ____D C:\Windows\SysWOW64\SmitfraudFix
2018-06-15 01:54 - 2012-02-04 19:16 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-06-15 01:54 - 2012-01-18 19:38 - 000000000 ____D C:\Windows\pss
2018-06-15 01:54 - 2012-01-04 05:52 - 000000000 ____D C:\Windows\system32\SPReview
2018-06-15 01:54 - 2012-01-04 05:51 - 000000000 ____D C:\Windows\system32\EventProviders
2018-06-15 01:54 - 2011-12-31 16:22 - 000000000 ____D C:\Windows\SMINST
2018-06-15 01:54 - 2011-04-25 18:30 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-06-15 01:54 - 2009-07-14 00:45 - 000000000 ____D C:\Windows\ShellNew
2018-06-15 01:54 - 2009-07-13 22:32 - 000000000 ____D C:\Windows\Offline Web Pages
2018-06-15 01:54 - 2009-07-13 22:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 __RSD C:\Windows\Media
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\TAPI
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\spool
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\IME
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\Help
2018-06-15 01:53 - 2018-02-08 07:55 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Runscanner.net
2018-06-15 01:53 - 2018-02-08 07:41 - 000000000 ____D C:\Users\ivan\My Documents\Bankruptcy Documents 0ct 2017
2018-06-15 01:53 - 2017-08-03 21:45 - 000000000 ____D C:\Users\ivan\My Documents\RegRun2
2018-06-15 01:53 - 2016-12-18 17:20 - 000000000 ____D C:\Users\ivan\AppData\Local\ToolwizCareFree
2018-06-15 01:53 - 2016-10-17 06:33 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2018-06-15 01:53 - 2016-10-17 06:33 - 000000000 ____D C:\Users\ivan\AppData\Roaming\IrfanView
2018-06-15 01:53 - 2016-09-26 02:06 - 000000000 ____D C:\Users\ivan\Desktop\port scanners
2018-06-15 01:53 - 2016-04-08 08:21 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto
2018-06-15 01:53 - 2016-02-25 07:30 - 000000000 ___RD C:\Users\ivan\Dropbox
2018-06-15 01:53 - 2015-12-30 09:23 - 000000000 ____D C:\Users\ivan\AppData\Local\FreeFixer
2018-06-15 01:53 - 2015-02-24 07:26 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore Explorer
2018-06-15 01:53 - 2015-02-21 18:30 - 000000000 ____D C:\Users\ivan\AppData\Roaming\VMware
2018-06-15 01:53 - 2015-01-13 11:57 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2014
2018-06-15 01:53 - 2015-01-06 14:22 - 000000000 ____D C:\Users\ivan\AppData\Local\OurrarUdl
2018-06-15 01:53 - 2014-12-31 07:43 - 000000000 ____D C:\uninstall
2018-06-15 01:53 - 2014-11-05 00:06 - 000000000 ____D C:\Users\ivan\AppData\Roaming\dvdcss
2018-06-15 01:53 - 2014-11-05 00:04 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Digiarty
2018-06-15 01:53 - 2014-10-15 14:10 - 000000000 ____D C:\Schrodinger2013-1_x86
2018-06-15 01:53 - 2014-05-11 13:53 - 000000000 ____D C:\SpectrumView
2018-06-15 01:53 - 2014-03-15 06:25 - 000000000 ____D C:\Users\ivan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2018-06-15 01:53 - 2014-03-02 22:07 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Expired Cookies Cleaner
2018-06-15 01:53 - 2014-02-16 06:57 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2018-06-15 01:53 - 2014-02-08 13:27 - 000000000 ____D C:\Users\ivan\AppData\Roaming\DVDVideoSoft
2018-06-15 01:53 - 2013-06-15 01:53 - 000000000 ____D C:\Users\ivan\Downloads\pagefixzip
2018-06-15 01:53 - 2013-04-15 04:34 - 000000000 ____D C:\Users\ivan\dell retrived contents
2018-06-15 01:53 - 2013-03-05 21:09 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2018-06-15 01:53 - 2013-03-05 17:53 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner
2018-06-15 01:53 - 2012-12-30 03:14 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-15 01:53 - 2012-12-29 11:31 - 000000000 ____D C:\Users\ivan\My Documents\calibre 64bit - E-book Management
2018-06-15 01:53 - 2012-12-27 17:58 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2018-06-15 01:53 - 2012-06-16 08:15 - 000000000 ___RD C:\Users\ivan\My Documents\Scanned Documents
2018-06-15 01:53 - 2012-01-22 17:17 - 000000000 ___SD C:\Users\ivan\My Documents\My Shapes
2018-06-15 01:53 - 2012-01-03 21:55 - 000000000 ___SD C:\Users\ivan\My Shapes
2018-06-15 01:53 - 2009-07-13 20:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-06-15 01:53 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\AppCompat
2018-06-15 01:52 - 2018-05-02 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nonlinear Oscillations
2018-06-15 01:52 - 2018-05-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Physics of Oscillations
2018-06-15 01:52 - 2018-05-02 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planets and Satellites
2018-06-15 01:52 - 2018-02-10 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2018-06-15 01:52 - 2018-02-09 07:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yet Another (remote) Process Monitor
2018-06-15 01:52 - 2018-02-09 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\What's my computer doing
2018-06-15 01:52 - 2018-02-09 07:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\What's Running
2018-06-15 01:52 - 2018-02-09 07:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2018-06-15 01:52 - 2018-02-09 07:25 - 000000000 ____D C:\Program Files\Process Hacker 2
2018-06-15 01:52 - 2018-02-08 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2018-06-15 01:52 - 2017-08-03 05:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-06-15 01:52 - 2016-12-20 05:59 - 000000000 ____D C:\Program Files\Registrar Registry Manager
2018-06-15 01:52 - 2016-12-19 03:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Files Finder
2018-06-15 01:52 - 2016-12-18 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dupeGuru
2018-06-15 01:52 - 2016-12-18 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree
2018-06-15 01:52 - 2016-10-17 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apache HTTP Server 2.2
2018-06-15 01:52 - 2016-10-17 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.24.0 Build 2400 (64-bit)
2018-06-15 01:52 - 2016-10-16 06:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2018-06-15 01:52 - 2016-10-15 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
2018-06-15 01:52 - 2016-10-14 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACDLabs Freeware 2015
2018-06-15 01:52 - 2016-10-13 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2018-06-15 01:52 - 2016-10-13 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2018-06-15 01:52 - 2016-10-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-15 01:52 - 2016-10-04 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-06-15 01:52 - 2016-09-28 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2900 series User Registration
2018-06-15 01:52 - 2016-09-21 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect Network Scanner
2018-06-15 01:52 - 2016-09-21 07:38 - 000000000 ____D C:\Program Files\SoftPerfect Network Scanner
2018-06-15 01:52 - 2016-09-07 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitheris Network Discovery
2018-06-15 01:52 - 2016-05-27 06:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
2018-06-15 01:52 - 2016-05-02 06:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2018-06-15 01:52 - 2016-05-02 06:34 - 000000000 ____D C:\Program Files\SoftPerfect WiFi Guard
2018-06-15 01:52 - 2016-04-29 21:03 - 000000000 ____D C:\ProgramData\Licenses
2018-06-15 01:52 - 2016-04-29 21:03 - 000000000 ____D C:\Program Files\WinPcap
2018-06-15 01:52 - 2016-04-14 06:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2900 series Manual
2018-06-15 01:52 - 2016-03-23 02:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-06-15 01:52 - 2016-03-06 00:40 - 000000000 ___HD C:\ProgramData\CanonIJScan
2018-06-15 01:52 - 2016-03-05 20:41 - 000000000 ___HD C:\ProgramData\CanonIJEGV
2018-06-15 01:52 - 2016-03-05 15:14 - 000000000 ___HD C:\ProgramData\CanonIJETV
2018-06-15 01:52 - 2016-03-04 16:14 - 000000000 ____D C:\ProgramData\BOINC
2018-06-15 01:52 - 2016-02-27 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2018-06-15 01:52 - 2015-12-13 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-06-15 01:52 - 2015-12-13 19:40 - 000000000 ____D C:\Program Files\Speccy
2018-06-15 01:52 - 2015-12-10 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
2018-06-15 01:52 - 2015-12-08 05:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2018-06-15 01:52 - 2015-07-31 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Converter Professional 8
2018-06-15 01:52 - 2015-04-11 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2018-06-15 01:52 - 2015-04-03 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2018-06-15 01:52 - 2015-01-13 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2014
2018-06-15 01:52 - 2015-01-09 05:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2018-06-15 01:52 - 2014-12-31 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Extreme Tuning Utility
2018-06-15 01:52 - 2014-05-14 06:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Analyser
2018-06-15 01:52 - 2014-05-11 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpectrumView
2018-06-15 01:52 - 2014-04-23 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 10
2018-06-15 01:52 - 2014-04-11 07:41 - 000000000 ____D C:\ProgramData\RapidSolution
2018-06-15 01:52 - 2014-03-22 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-06-15 01:52 - 2014-03-22 00:28 - 000000000 ____D C:\ProgramData\HitmanPro
2018-06-15 01:52 - 2014-02-26 22:51 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-06-15 01:52 - 2013-11-21 04:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC
2018-06-15 01:52 - 2013-11-17 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMSOL 4.3a
2018-06-15 01:52 - 2013-11-15 12:22 - 000000000 ____D C:\QB64
2018-06-15 01:52 - 2013-11-15 02:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spartan '14 V1.1.0 (x86)
2018-06-15 01:52 - 2013-06-20 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2018-06-15 01:52 - 2013-06-20 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIMzLAB
2018-06-15 01:52 - 2013-06-19 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOPAC 2009
2018-06-15 01:52 - 2013-06-19 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHEMKED I & II
2018-06-15 01:52 - 2013-06-19 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2018-06-15 01:52 - 2013-06-15 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PageFix 2.0
2018-06-15 01:52 - 2013-05-16 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
2018-06-15 01:52 - 2012-12-30 03:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-15 01:52 - 2012-12-30 03:13 - 000000000 ____D C:\Program Files\WinRAR
2018-06-15 01:52 - 2012-12-29 18:15 - 000000000 ____D C:\Program Files\WinDjView
2018-06-15 01:52 - 2012-12-29 07:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2018-06-15 01:52 - 2012-12-27 17:35 - 000000000 ____D C:\Program Files\Psexec
2018-06-15 01:52 - 2012-12-27 05:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
2018-06-15 01:52 - 2012-12-27 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GaussView 5.0
2018-06-15 01:52 - 2012-08-11 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
2018-06-15 01:52 - 2012-08-11 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier (x64)
2018-06-15 01:52 - 2012-08-11 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
2018-06-15 01:52 - 2012-08-11 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
2018-06-15 01:52 - 2012-08-04 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Inspector for Windows
2018-06-15 01:52 - 2012-07-28 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Rider
2018-06-15 01:52 - 2012-07-23 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2018-06-15 01:52 - 2012-07-23 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostgum
2018-06-15 01:52 - 2012-02-01 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.14.2 Build 1402 (64-bit)
2018-06-15 01:52 - 2012-01-01 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AspenTech
2018-06-15 01:52 - 2012-01-01 12:05 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2018-06-15 01:52 - 2012-01-01 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaussian 09W
2018-06-15 01:52 - 2012-01-01 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spartan '10 V1.0.1
2018-06-15 01:52 - 2012-01-01 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2018-06-15 01:52 - 2012-01-01 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RasWin
2018-06-15 01:52 - 2012-01-01 10:55 - 000000000 ____D C:\ProgramData\Advanced Chemistry Development
2018-06-15 01:52 - 2012-01-01 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMopac
2018-06-15 01:52 - 2012-01-01 09:04 - 000000000 ____D C:\ProgramData\Ezprint
2018-06-15 01:52 - 2012-01-01 09:04 - 000000000 ____D C:\ProgramData\Dl_cats
2018-06-15 01:52 - 2012-01-01 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-06-15 01:52 - 2011-04-25 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documentation
2018-06-15 01:52 - 2011-04-25 17:08 - 000000000 ____D C:\ProgramData\FLEXnet
2018-06-15 01:52 - 2011-04-25 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2018-06-15 01:52 - 2011-04-25 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienRespawn
2018-06-15 01:52 - 2011-04-25 16:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-06-15 01:52 - 2009-07-13 22:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-15 01:52 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-06-15 01:51 - 2016-10-15 19:58 - 000000000 ____D C:\Program Files\IrfanView
2018-06-15 01:51 - 2016-10-06 18:12 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-06-15 01:51 - 2016-02-27 18:47 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2018-06-15 01:51 - 2015-12-08 05:51 - 000000000 ____D C:\Program Files\HWiNFO64
2018-06-15 01:51 - 2015-07-24 11:32 - 000000000 ____D C:\Program Files\Dell Printable Web
2018-06-15 01:51 - 2015-04-11 17:45 - 000000000 ____D C:\Program Files\Defraggler
2018-06-15 01:51 - 2012-08-11 14:37 - 000000000 ____D C:\Program Files\Microsoft Windows Performance Toolkit
2018-06-15 01:51 - 2012-08-11 14:36 - 000000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
2018-06-15 01:51 - 2012-01-01 11:38 - 000000000 ____D C:\Program Files\MOPAC
2018-06-15 01:51 - 2012-01-01 11:06 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-06-15 01:50 - 2018-05-02 14:11 - 000000000 ____D C:\Program Files (x86)\Physics of Oscillations
2018-06-15 01:50 - 2018-02-10 20:05 - 000000000 ____D C:\Program Files (x86)\GlassWire
2018-06-15 01:50 - 2018-02-09 07:50 - 000000000 ____D C:\Program Files (x86)\Yet Another (remote) Process Monitor
2018-06-15 01:50 - 2018-02-09 07:31 - 000000000 ____D C:\Program Files (x86)\What's my computer doing
2018-06-15 01:50 - 2018-02-09 07:30 - 000000000 ____D C:\Program Files (x86)\WhatsRunning
2018-06-15 01:50 - 2017-08-03 05:08 - 000000000 ____D C:\Program Files\7-Zip
2018-06-15 01:50 - 2016-12-18 17:20 - 000000000 ____D C:\Program Files (x86)\ToolwizCareFree
2018-06-15 01:50 - 2016-10-06 18:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-06-15 01:50 - 2016-03-04 16:12 - 000000000 ____D C:\Program Files\BitTorrent
2018-06-15 01:50 - 2015-12-08 05:30 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-06-15 01:50 - 2015-07-31 16:25 - 000000000 ____D C:\Program Files (x86)\Microsoft ActiveSync
2018-06-15 01:50 - 2015-05-07 02:20 - 000000000 ____D C:\Program Files (x86)\Scan-X
2018-06-15 01:50 - 2015-03-12 23:53 - 000000000 ____D C:\Program Files (x86)\WinRarPasswordRemover
2018-06-15 01:50 - 2015-02-24 07:26 - 000000000 ____D C:\Program Files (x86)\System Restore Explorer
2018-06-15 01:50 - 2015-01-13 05:10 - 000000000 ____D C:\Program Files (x86)\jv16 PowerTools 2014
2018-06-15 01:50 - 2014-05-14 06:26 - 000000000 ____D C:\Program Files (x86)\Visual Analyser
2018-06-15 01:50 - 2014-05-12 14:57 - 000000000 ____D C:\Program Files (x86)\TrueRTA_3
2018-06-15 01:50 - 2013-06-20 16:18 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2018-06-15 01:50 - 2013-06-18 10:12 - 000000000 ____D C:\Program Files\Bonjour
2018-06-15 01:50 - 2013-06-15 01:53 - 000000000 ____D C:\Program Files (x86)\PageFix 2.0
2018-06-15 01:50 - 2013-03-05 21:09 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2018-06-15 01:50 - 2013-01-06 22:21 - 000000000 ____D C:\Program Files (x86)\SimzLab
2018-06-15 01:50 - 2012-12-30 03:29 - 000000000 ____D C:\Program Files (x86)\IrfanView
2018-06-15 01:50 - 2012-12-29 09:17 - 000000000 ____D C:\Program Files (x86)\Startup Lite
2018-06-15 01:50 - 2012-12-27 08:07 - 000000000 ____D C:\Program Files (x86)\Free Window Registry Repair
2018-06-15 01:50 - 2012-08-11 14:36 - 000000000 ____D C:\Program Files\Application Verifier (x64)
2018-06-15 01:50 - 2012-08-04 22:24 - 000000000 ____D C:\Program Files (x86)\Startup Inspector for Windows
2018-06-15 01:50 - 2012-07-28 09:16 - 000000000 ____D C:\Program Files (x86)\PDFRider
2018-06-15 01:50 - 2012-05-26 03:20 - 000000000 ____D C:\Program Files (x86)\REFPROP
2018-06-15 01:50 - 2012-01-08 19:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2018-06-15 01:50 - 2012-01-01 16:09 - 000000000 ____D C:\Program Files (x86)\GASEQ
2018-06-15 01:50 - 2012-01-01 11:00 - 000000000 ____D C:\Program Files (x86)\RasWin
2018-06-15 01:50 - 2012-01-01 10:57 - 000000000 ____D C:\Program Files (x86)\OpenBabel-2.3.1
2018-06-15 01:50 - 2012-01-01 10:46 - 000000000 ____D C:\Program Files (x86)\WinMopac
2018-06-15 01:50 - 2012-01-01 00:17 - 000000000 ____D C:\Program Files\CCleaner
2018-06-15 01:50 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2018-06-15 01:49 - 2016-12-19 03:44 - 000000000 ____D C:\Program Files (x86)\Duplicate Files Finder
2018-06-15 01:49 - 2016-10-14 15:08 - 000000000 ____D C:\ACD2015FREE
2018-06-15 01:49 - 2016-10-04 09:59 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2018-06-15 01:49 - 2016-09-20 03:34 - 000000000 ____D C:\Program Files (x86)\Advanced IP Scanner
2018-06-15 01:49 - 2016-09-14 17:57 - 000000000 ____D C:\Program Files (x86)\Advanced Port Scanner
2018-06-15 01:49 - 2016-03-04 18:52 - 000000000 ____D C:\Program Files (x86)\DLLEscort
2018-06-15 01:49 - 2015-12-10 20:03 - 000000000 ____D C:\Program Files (x86)\ClamWin
2018-06-15 01:49 - 2015-08-01 09:54 - 000000000 ____D C:\AdwCleaner
2018-06-15 01:49 - 2014-04-04 02:39 - 000000000 ____D C:\eptsoft basic programing
2018-06-15 01:49 - 2014-04-03 10:34 - 000000000 ____D C:\eptsoft computing
2018-06-15 01:49 - 2014-04-03 10:08 - 000000000 ____D C:\eptsoft
2018-06-15 01:49 - 2014-03-02 22:07 - 000000000 ____D C:\Program Files (x86)\Expired Cookies Cleaner
2018-06-15 01:49 - 2013-06-18 10:12 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-06-15 01:49 - 2013-05-16 19:33 - 000000000 ____D C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
2018-06-15 01:49 - 2012-12-29 09:10 - 000000000 ____D C:\Program Files (x86)\Chameleon
2018-06-15 01:49 - 2012-12-29 07:52 - 000000000 ____D C:\Program Files (x86)\FileASSASSIN
2018-06-15 01:49 - 2012-12-27 15:41 - 000000000 ____D C:\gamess.64
2018-06-15 01:49 - 2012-08-11 14:36 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2018-06-15 01:49 - 2012-05-19 14:05 - 000000000 ____D C:\Program Files (x86)\Astroburn Lite
2018-06-15 01:49 - 2012-02-04 19:16 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-06-15 01:49 - 2012-01-05 21:01 - 000000000 ____D C:\Mopac Input Files
2018-06-15 01:49 - 2012-01-01 12:01 - 000000000 ____D C:\Aspen License
2018-06-15 01:49 - 2012-01-01 11:29 - 000000000 ____D C:\G09W
2018-06-15 01:49 - 2012-01-01 11:12 - 000000000 ____D C:\Program Files (x86)\ChemkedII34
2018-06-15 01:49 - 2012-01-01 11:10 - 000000000 ____D C:\Program Files (x86)\Chemked40
2018-06-15 01:48 - 2012-06-04 13:43 - 000000000 ____D C:\Dell
2018-06-15 01:47 - 2015-07-31 15:04 - 000000000 ____D C:\Program Files (x86)\HIjackThis
2018-06-15 01:47 - 2009-07-13 20:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-06-15 01:45 - 2018-02-19 08:12 - 000000000 ____D C:\Program Files\RogueKiller
2018-06-15 01:45 - 2014-02-16 06:57 - 000000000 ____D C:\Program Files\Unlocker
2018-06-15 01:44 - 2018-02-19 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-06-15 01:44 - 2016-08-28 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-06-15 01:44 - 2014-12-10 00:01 - 000000000 ____D C:\ProgramData\RogueKiller
2018-06-15 01:42 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\servicing
2018-06-15 01:41 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\sysprep
2018-06-14 20:55 - 2016-03-17 09:28 - 000000479 _____ C:\Users\ivan\Desktop\Healing Mudras.website
2018-06-14 19:44 - 2009-07-13 22:08 - 000032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-06-14 12:02 - 2015-12-27 17:01 - 000002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-12 19:19 - 2017-08-03 21:45 - 000000000 ____D C:\Users\ivan\My Documents\Linkedin Posts Gargurevich
2018-06-12 19:08 - 2018-02-08 07:41 - 000000000 ____D C:\Users\ivan\My Documents\Civil Rights Violations Wildomar DA Statement 013018
2018-06-12 19:06 - 2012-12-28 20:48 - 000000000 ____D C:\Users\ivan\My Documents\Cedar Spring Court Conflict
2018-06-11 02:52 - 2012-01-01 00:20 - 000000000 ____D C:\Users\ivan\AppData\LocalLow\Sun
2018-06-11 02:51 - 2013-11-16 03:48 - 000000000 ____D C:\ProgramData\Oracle
2018-06-10 17:11 - 2013-11-19 06:52 - 000000503 _____ C:\Users\ivan\Desktop\Crash Course in Basic Night Sky Observing Day 3  One-Minute Astronomer.website
2018-06-10 17:09 - 2013-11-19 06:52 - 000000519 _____ C:\Users\ivan\Desktop\Amateur Observers' Beginner's Guide.website
2018-06-10 12:21 - 2014-03-29 13:59 - 000000000 ____D C:\Users\ivan\AppData\Local\calibre-cache
2018-06-07 18:32 - 2016-10-13 13:51 - 000000000 ____D C:\Users\ivan\AppData\Roaming\WiseUpdate
2018-06-07 15:59 - 2012-08-04 22:28 - 000000000 ____D C:\Users\ivan\AppData\Roaming\wsInspector
2018-06-06 15:04 - 2015-02-06 05:09 - 000011407 _____ C:\Users\ivan\gsview64.ini
2018-06-04 11:46 - 2017-08-02 19:36 - 000000000 ____D C:\Users\ivan\My Documents\Library Part IV 06202017
2018-06-03 20:11 - 2014-03-14 23:11 - 000012800 _____ C:\Users\ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-01 18:11 - 2018-04-30 21:06 - 000000000 ____D C:\Users\ivan\My Documents\My Kindle Content
2018-05-31 14:23 - 2016-09-16 06:38 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-31 14:23 - 2016-09-16 06:38 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-31 14:23 - 2014-08-15 05:55 - 000000000 ____D C:\Users\ivan\AppData\Local\Adobe
2018-05-31 14:23 - 2012-01-07 03:01 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-31 14:23 - 2011-04-25 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-31 13:44 - 2009-07-13 19:34 - 125304832 _____ C:\Windows\system32\config\software.rmbak
2018-05-31 13:44 - 2009-07-13 19:34 - 001572864 _____ C:\Windows\system32\config\default.rmbak
2018-05-28 07:54 - 2018-05-03 17:37 - 000000584 _____ C:\Users\ivan\Desktop\Can I Keep My Car in Chapter 7 Bankruptcy - AllLaw.com.website
2018-05-28 07:54 - 2018-05-03 04:05 - 000000592 _____ C:\Users\ivan\Desktop\Can I Keep My Car in Bankruptcy .website
2018-05-28 06:20 - 2018-05-17 08:49 - 000000000 ____D C:\Users\ivan\My Documents\credit report fraud alert 051718

==================== Files in the root of some directories =======

2012-01-02 14:56 - 2011-05-11 19:08 - 685513468 _____ () C:\Program Files\S154G122P17T2274146441757FB.zip
2014-12-05 06:49 - 2014-12-05 06:49 - 015728304 _____ () C:\Program Files (x86)\jv16pt_setup.exe
2014-03-15 12:34 - 2014-11-04 21:58 - 000000096 _____ () C:\Users\ivan\AppData\Roaming\Camdata.ini
2014-03-15 12:34 - 2014-11-04 21:58 - 000000408 _____ () C:\Users\ivan\AppData\Roaming\CamLayout.ini
2014-03-15 12:34 - 2014-11-04 21:58 - 000000408 _____ () C:\Users\ivan\AppData\Roaming\CamShapes.ini
2014-03-15 12:34 - 2014-11-04 21:58 - 000004531 _____ () C:\Users\ivan\AppData\Roaming\CamStudio.cfg
2014-03-15 13:52 - 2014-03-19 21:52 - 000000000 _____ () C:\Users\ivan\AppData\Roaming\CamStudio.Producer.Data.ini
2014-03-15 13:52 - 2014-03-19 21:52 - 000001206 _____ () C:\Users\ivan\AppData\Roaming\CamStudio.Producer.ini
2015-01-08 21:49 - 2015-01-09 05:27 - 000000115 _____ () C:\Users\ivan\AppData\Roaming\LogFile.txt
2014-02-08 14:53 - 2014-02-08 14:53 - 000007859 _____ () C:\Users\ivan\AppData\Roaming\pcouffin.cat
2014-02-08 14:53 - 2014-02-08 14:53 - 000001167 _____ () C:\Users\ivan\AppData\Roaming\pcouffin.inf
2014-02-08 14:53 - 2014-02-26 05:50 - 000000055 _____ () C:\Users\ivan\AppData\Roaming\pcouffin.log
2014-02-08 14:53 - 2014-02-08 14:53 - 000082816 _____ (VSO Software) C:\Users\ivan\AppData\Roaming\pcouffin.sys
2015-01-13 05:11 - 2015-01-13 05:11 - 000000024 ___SH () C:\Users\ivan\AppData\Roaming\System5908ConfigCollection.dat
2014-03-15 10:47 - 2014-11-04 21:58 - 000000096 _____ () C:\Users\ivan\AppData\Roaming\version2.xml
2014-03-14 23:11 - 2018-06-03 20:11 - 000012800 _____ () C:\Users\ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-07 23:53 - 2018-02-19 20:12 - 000007599 _____ () C:\Users\ivan\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-17 23:47

==================== End of FRST.txt ============================

 

 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,541 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:23 AM

Posted 24 June 2018 - 01:42 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove these programs in bold via the Control Panel > Programs > Programs and Features.
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)

This program is no longer supported. It should be removed. Used the Farbar program instead.
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 
start

CreateRestorePoint:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR RestoreOnStartup: Default -> "hxxps:\/\/search.yahoo.com\/?fr=vmn&type=auslog_ya_hp"
S4 kxqcsx; no ImagePath
S4 ofvpmj; no ImagePath
S4 pefxbo; no ImagePath
S4 rqkdql; no ImagePath
S4 tljkva; no ImagePath
S4 uezndl; no ImagePath
S4 uotote; no ImagePath
S4 cpuz134; \??\C:\Users\ivan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] <==== ATTENTION[

AlternateDataStreams: C:\ProgramData\TEMP:0D786AE3 [314]
AlternateDataStreams: C:\ProgramData\TEMP:403E9384 [128]
AlternateDataStreams: C:\ProgramData\TEMP:649FE6EB [286]
AlternateDataStreams: C:\ProgramData\TEMP:65C88071 [157]
AlternateDataStreams: C:\ProgramData\TEMP:6D3F84D7 [129]
AlternateDataStreams: C:\ProgramData\TEMP:7C784982 [150]
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [942]
AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 [302]
AlternateDataStreams: C:\ProgramData\TEMP:F169C698 [137]
AlternateDataStreams: C:\ProgramData\TEMP:F297470E [131]
AlternateDataStreams: C:\ProgramData\TEMP:FC53BBE6 [123]

Reboot:

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Plese let me know of any remaining issues.

#5 iagargurevich18

iagargurevich18
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:23 AM

Posted 24 June 2018 - 10:55 PM

Hello:

 

The following software was uninstalled with the assistance of revo uninstaller.

 

CPUID CPU-Z 1.77
SlimCleaner

HiJackThis

 

A Fixlist file was also prepared. FRST fix option was then ran as adviced. The FRST log is copied below, and I am attaching the Addition and fix.log files.

 

Please let me know if any a dditional fixes are necessary. the exploere seems to run well. Same  with the ie 11 browser I believe.

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by ivan (administrator) on ENGINEERING (24-06-2018 20:33:10)
Running from C:\Users\ivan\Desktop
Loaded Profiles: ivan (Available Profiles: ivan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\WINDOWS\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\DSAPI.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\pcdrwi.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\EptMon64.dll,RunDLLEntry EptMon64
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3784400 2018-06-08] (Malwarebytes)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-18] (Alienware)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-10] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKU\S-1-5-21-4183597289-645686457-369926866-1000\...\Policies\system: [DisableLockWorkstation] 0
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL: EldosMountNotificator-cbfs6 - {F213F255-CF0A-44BE-829E-78EDF70FAC1A} - C:\Windows\system32\cbfsMntNtf6.dll (/n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {F213F255-CF0A-44BE-829E-78EDF70FAC1A} - C:\Windows\SysWOW64\cbfsMntNtf6.dll (/n software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 209.18.47.63
Tcpip\..\Interfaces\{34629004-74FB-499D-864B-39279E66DCC6}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{3CEBA230-997F-48B2-9284-1F9A1F7B7214}: [NameServer] 156.154.70.1,156.154.71.22
Tcpip\..\Interfaces\{3CEBA230-997F-48B2-9284-1F9A1F7B7214}: [DhcpNameServer] 209.18.47.61 209.18.47.62 209.18.47.63

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4183597289-645686457-369926866-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4183597289-645686457-369926866-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4183597289-645686457-369926866-1000 -> {FFA20B43-571C-494F-B827-B627EB505D60} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-06-11] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-06-11] (Oracle Corporation)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {3CBA13C3-58C7-47F1-9758-D4B255A50D51} hxxp://www.engin.umich.edu/~cre/fogler&gurmen/html/search/ses_ocx/sessearch.ocx
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1529369567015
DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-06-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-06-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.4.1.5521329\npmathplugin.dll [2016-04-24] (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
StartMenuInternet: firefox.exe - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default [2018-06-24]
CHR Extension: (Slides) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-08]
CHR Extension: (Docs) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-08]
CHR Extension: (Google Drive) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-27]
CHR Extension: (YouTube) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-27]
CHR Extension: (Google Search) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-27]
CHR Extension: (Sheets) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-08]
CHR Extension: (Google Docs Offline) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-21]
CHR Extension: (Gmail) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-27]
CHR Extension: (Chrome Media Router) - C:\Users\ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2018-02-11] (SUPERAntiSpyware.com)
S4 ADVService; C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe [23040 2015-02-22] (Amazon.com) [File not signed]
S3 Apache2.2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20549 2013-07-10] (Apache Software Foundation) [File not signed]
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1175\DSAPI.exe [935232 2018-06-15] (PC-Doctor, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-08-29] (Disc Soft Ltd)
S3 DMDefragService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Defrag\DMDefragSrv.exe [1147040 2012-08-24] (PC Tools)
S3 DMRepairService; C:\Program Files (x86)\PC Tools\PC Tools Utilities\Tools\Repair\DMRepairSrv.exe [1134240 2012-08-24] (PC Tools)
S3 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [9872688 2018-06-16] (EnigmaSoft Limited)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2018-04-17] (Foxit Software Inc.)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-16] (NVIDIA Corporation)
S4 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4367824 2018-01-18] (SecureMix LLC)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 msftesql$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [91992 2010-03-26] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S4 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQLSERVER; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-16] (NVIDIA Corporation)
S4 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-16] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-16] (NVIDIA Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-24] (PC Tools)
S4 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-08-15] (Nuance Communications, Inc.)
S3 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [538416 2018-06-16] (EnigmaSoft Limited)
S4 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [163680 2017-06-15] (Sophos Limited)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-20] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45528 2018-06-05] (Dell Inc.)
S3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-07-20] (Western Digital Technologies, Inc.)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-09-29] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S4 avgntflt; C:\Windows\SysWOW64\DRIVERS\avgntflt.sys [171752 2016-08-18] (Avira Operations GmbH & Co. KG)
S4 avipbb; C:\Windows\SysWOW64\DRIVERS\avipbb.sys [145984 2016-08-18] (Avira Operations GmbH & Co. KG)
S4 avkmgr; C:\Windows\SysWOW64\DRIVERS\avkmgr.sys [28600 2016-08-18] (Avira Operations GmbH & Co. KG)
R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [31576 2018-02-15] (Toolwiz.com)
R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [50520 2018-02-15] (Toolwiz.com)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R1 cbfs6; C:\Windows\system32\drivers\cbfs6.sys [460992 2016-09-21] (/n software, Inc.)
S3 cpuz137; C:\Program Files\CPUID\PC Wizard 2014\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S4 ctsvgn; no ImagePath
S3 DbusAudio; C:\Windows\System32\drivers\DbusAudio.sys [34504 2013-12-16] (Windows ® Win 7 DDK provider)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
S3 DrmCAudio; C:\Windows\System32\drivers\DrmCAudio.sys [34504 2013-12-16] (Windows ® Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-10-04] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-10-04] (Disc Soft Ltd)
R1 epp; C:\EEK\bin64\epp.sys [142448 2018-04-27] (Emsisoft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-06-08] (Malwarebytes)
R1 gwdrv; C:\Windows\System32\DRIVERS\gwdrv.sys [33248 2015-05-28] (SecureMix LLC)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.)
S4 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-10-17] (REALiX™)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [51544 2018-02-15] (Toolwiz.com)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-24] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-06-24] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-24] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94840 2018-06-24] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [125952 2014-06-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-17] (NVIDIA Corporation)
S4 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S4 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-10-07] (Audials AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [158024 2014-12-02] (MCCI Corporation)
R3 tapipvanish; C:\Windows\System32\DRIVERS\tapipvanish.sys [34520 2016-09-23] (The OpenVPN Project)
S4 uezndl; no ImagePath
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows ® Codename Longhorn DDK provider)
R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2016-09-06] (VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2016-09-02] (VMware, Inc.)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-02-18] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-02-19] (Zemana Ltd.)
S4 aswVmm; \??\C:\Users\ivan\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 dbx; system32\DRIVERS\dbx.sys [X]
S4 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S4 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-24 20:20 - 2018-06-24 20:20 - 000003291 _____ C:\Users\ivan\Desktop\Fixlog.txt
2018-06-24 12:48 - 2018-06-24 20:27 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-24 12:48 - 2018-06-24 20:27 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-24 12:48 - 2018-06-24 20:27 - 000094840 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-24 12:48 - 2018-06-24 20:27 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-24 12:48 - 2018-06-24 12:48 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-24 11:07 - 2018-06-24 11:08 - 000064589 _____ C:\Users\ivan\Desktop\Addition.txt
2018-06-24 00:19 - 2018-06-24 00:20 - 000000000 ____D C:\Users\ivan\My Documents\engineering genetic circuits
2018-06-23 21:06 - 2018-06-23 21:06 - 000035537 _____ C:\ComboFix.txt
2018-06-23 20:42 - 2018-06-23 21:06 - 000000000 ____D C:\Qoobox
2018-06-23 20:42 - 2011-06-25 23:45 - 000256000 _____ C:\Windows\PEV.exe
2018-06-23 20:42 - 2010-11-07 10:20 - 000208896 _____ C:\Windows\MBR.exe
2018-06-23 20:42 - 2009-04-19 21:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000098816 _____ C:\Windows\sed.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000080412 _____ C:\Windows\grep.exe
2018-06-23 20:42 - 2000-08-30 17:00 - 000068096 _____ C:\Windows\zip.exe
2018-06-23 20:40 - 2018-06-23 20:40 - 005660124 ____R (Swearware) C:\Users\ivan\Desktop\ComboFix.exe
2018-06-23 20:39 - 2018-06-23 22:02 - 000000514 _____ C:\Users\ivan\Desktop\BleepingComputer.website
2018-06-23 19:12 - 2018-06-23 19:12 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Wise Euask
2018-06-23 09:42 - 2018-06-23 09:42 - 000000000 ____D C:\Users\ivan\My Documents\scalacs dr keys obituary
2018-06-22 05:25 - 2018-06-22 05:27 - 000000000 ____D C:\Users\ivan\My Documents\Amnest International Request for Legal Conusel
2018-06-22 04:57 - 2018-06-22 05:04 - 000392032 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-21 00:41 - 2018-06-21 00:41 - 000000730 _____ C:\Users\ivan\Desktop\4 Repair Utilities to Fix the Majority of Known Windows Problems • Raymond.CC.website
2018-06-20 15:50 - 2018-06-20 15:50 - 000000934 _____ C:\Users\ivan\Desktop\Anti Hacker.lnk
2018-06-20 15:50 - 2018-06-20 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti Hacker
2018-06-20 15:50 - 2018-06-20 15:50 - 000000000 ____D C:\Program Files (x86)\Anti Hacker
2018-06-20 15:13 - 2018-06-20 15:13 - 000002883 _____ C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2018-06-20 15:13 - 2018-06-20 15:13 - 000000000 ____D C:\Program Files (x86)\Windows Installer Clean Up
2018-06-20 15:05 - 2018-06-20 15:12 - 000000000 ____D C:\Program Files (x86)\windows installer clean up utility 7.2
2018-06-20 14:27 - 2018-06-20 14:27 - 000050615 _____ C:\Users\ivan\Desktop\appcrashview.zip
2018-06-20 12:25 - 2018-06-24 20:33 - 000023192 _____ C:\Users\ivan\Desktop\FRST.txt
2018-06-19 11:06 - 2015-06-16 23:48 - 000937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2018-06-19 11:06 - 2015-06-16 23:03 - 000571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-06-19 02:35 - 2018-06-19 02:35 - 001061808 _____ (My Privacy Tools, Inc. ) C:\Users\ivan\Desktop\antihacker.exe
2018-06-19 00:21 - 2010-03-22 13:57 - 000347680 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-06-19 00:21 - 2010-01-05 19:39 - 000107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2018-06-18 18:11 - 2018-06-18 18:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-06-18 18:06 - 2018-06-18 18:13 - 000000000 ____D C:\9a6b4d8996406514826e9d
2018-06-17 14:47 - 2018-06-17 14:47 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-17 13:53 - 2018-06-17 13:53 - 000892416 _____ (Farbar) C:\Users\ivan\Downloads\MiniToolBox.exe
2018-06-16 22:42 - 2018-06-16 22:42 - 000000000 ____D C:\ProgramData\Firewall_Scanner
2018-06-16 22:42 - 2018-06-16 22:42 - 000000000 ____D C:\LOG
2018-06-16 16:48 - 2018-06-16 20:10 - 000001246 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2018-06-16 16:48 - 2018-06-16 16:48 - 000000000 ____D C:\sh5ldr
2018-06-16 16:48 - 2018-06-16 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2018-06-16 16:48 - 2018-06-16 16:48 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2018-06-16 16:47 - 2018-06-16 16:47 - 000000000 ____D C:\Program Files\EnigmaSoft
2018-06-16 10:27 - 2018-06-16 10:27 - 000001359 _____ C:\Users\ivan\My Documents\Recruiter Army statement.txt
2018-06-15 13:56 - 2018-06-15 13:56 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2018-06-15 13:56 - 2018-06-15 13:56 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-06-15 13:56 - 2018-06-15 13:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2018-06-15 13:32 - 2018-06-15 13:32 - 000000000 ____D C:\found.001
2018-06-15 13:17 - 2018-06-15 13:17 - 000003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-06-15 13:17 - 2018-06-15 13:17 - 000002160 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-06-15 13:17 - 2018-06-15 13:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-06-14 20:25 - 2018-06-14 20:25 - 000735680 _____ C:\Users\ivan\Downloads\435049_intl_x64_zip.exe
2018-06-14 18:20 - 2018-06-14 18:20 - 000003120 _____ C:\Windows\System32\Tasks\{FDEBAADE-044A-4E61-8ABC-237E0081C19D}
2018-06-13 15:33 - 2018-06-13 15:33 - 000000000 ____D C:\found.000
2018-06-13 14:15 - 2018-06-24 20:33 - 000051082 _____ C:\Windows\ZAM.krnl.trace
2018-06-13 14:15 - 2018-06-24 20:33 - 000016339 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-06-13 08:09 - 2018-05-29 13:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 08:09 - 2018-05-29 12:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 08:09 - 2018-05-28 19:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 08:09 - 2018-05-28 19:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 08:09 - 2018-05-28 19:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 08:09 - 2018-05-28 19:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-13 08:09 - 2018-05-28 19:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-13 08:09 - 2018-05-28 19:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-13 08:09 - 2018-05-28 19:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-13 08:09 - 2018-05-28 19:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-13 08:09 - 2018-05-28 19:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 19:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-13 08:09 - 2018-05-28 19:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-13 08:09 - 2018-05-28 19:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-13 08:09 - 2018-05-28 19:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-13 08:09 - 2018-05-28 19:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-13 08:09 - 2018-05-28 18:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-13 08:09 - 2018-05-28 18:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-13 08:09 - 2018-05-28 18:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-13 08:09 - 2018-05-28 18:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-13 08:09 - 2018-05-28 18:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-13 08:09 - 2018-05-28 18:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-13 08:09 - 2018-05-28 18:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-13 08:09 - 2018-05-28 18:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-13 08:09 - 2018-05-28 18:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-13 08:09 - 2018-05-28 17:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 08:09 - 2018-05-24 22:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 08:09 - 2018-05-24 21:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-13 08:09 - 2018-05-24 21:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-13 08:09 - 2018-05-24 21:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 08:09 - 2018-05-24 21:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-13 08:09 - 2018-05-24 21:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 08:09 - 2018-05-24 21:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-13 08:09 - 2018-05-24 21:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-13 08:09 - 2018-05-24 21:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-13 08:09 - 2018-05-24 21:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 08:09 - 2018-05-24 21:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-13 08:09 - 2018-05-24 21:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-13 08:09 - 2018-05-24 21:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 08:09 - 2018-05-24 21:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-13 08:09 - 2018-05-24 21:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 08:09 - 2018-05-24 21:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 08:09 - 2018-05-24 21:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-13 08:09 - 2018-05-24 21:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-13 08:09 - 2018-05-24 21:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-13 08:09 - 2018-05-24 21:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-13 08:09 - 2018-05-24 21:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-13 08:09 - 2018-05-24 21:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 08:09 - 2018-05-24 21:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-13 08:09 - 2018-05-24 21:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-13 08:09 - 2018-05-24 21:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-13 08:09 - 2018-05-24 21:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-13 08:09 - 2018-05-24 21:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-13 08:09 - 2018-05-24 21:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-13 08:09 - 2018-05-24 21:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-13 08:09 - 2018-05-24 21:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 08:09 - 2018-05-24 21:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-13 08:09 - 2018-05-24 21:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 08:09 - 2018-05-24 21:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-13 08:09 - 2018-05-24 21:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 08:09 - 2018-05-24 21:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-13 08:09 - 2018-05-24 21:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-13 08:09 - 2018-05-24 21:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 08:09 - 2018-05-24 21:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-13 08:09 - 2018-05-24 21:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 08:09 - 2018-05-24 21:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-13 08:09 - 2018-05-24 20:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-13 08:09 - 2018-05-24 20:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 08:09 - 2018-05-24 20:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 08:09 - 2018-05-24 20:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 08:09 - 2018-05-24 20:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 08:09 - 2018-05-24 20:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 08:09 - 2018-05-24 20:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-13 08:09 - 2018-05-24 20:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-13 08:09 - 2018-05-24 20:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-13 08:09 - 2018-05-24 20:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-13 08:09 - 2018-05-24 20:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-13 08:09 - 2018-05-24 20:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 08:09 - 2018-05-24 20:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 08:09 - 2018-05-24 20:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-13 08:09 - 2018-05-24 20:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 08:09 - 2018-05-24 20:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 08:09 - 2018-05-24 20:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 08:09 - 2018-05-24 20:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 08:09 - 2018-05-24 20:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 08:09 - 2018-05-24 20:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 08:09 - 2018-05-24 20:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-13 08:09 - 2018-05-24 20:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 08:09 - 2018-05-24 20:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 08:09 - 2018-05-24 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 08:09 - 2018-05-24 20:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 08:09 - 2018-05-24 20:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 08:09 - 2018-05-14 21:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 08:09 - 2018-05-14 20:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 08:09 - 2018-05-14 20:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 08:09 - 2018-05-14 20:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 08:09 - 2018-05-14 20:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-13 08:09 - 2018-05-14 20:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-13 08:09 - 2018-05-14 20:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-13 08:09 - 2018-05-14 20:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 08:09 - 2018-05-14 20:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 08:09 - 2018-05-14 20:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 08:09 - 2018-05-14 20:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-13 08:09 - 2018-05-14 20:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-13 08:09 - 2018-05-14 20:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-13 08:09 - 2018-05-14 18:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 08:09 - 2018-05-14 18:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 08:09 - 2018-05-11 19:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-13 08:09 - 2018-05-11 19:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 08:09 - 2018-05-11 19:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-13 08:09 - 2018-05-11 14:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 08:09 - 2018-05-11 14:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-13 08:09 - 2018-05-11 14:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-13 08:09 - 2018-05-10 17:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 08:09 - 2018-05-10 17:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 08:09 - 2018-05-10 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-13 08:09 - 2018-04-06 09:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 08:09 - 2018-04-06 09:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-12 19:07 - 2018-06-22 05:31 - 000000000 ____D C:\Users\ivan\My Documents\Rutherford organization constitutional 061218
2018-06-11 03:47 - 2018-06-15 01:45 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2018-06-11 03:47 - 2018-06-15 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2018-06-11 03:47 - 2018-06-11 03:47 - 000001313 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2018-06-11 03:47 - 2018-06-11 03:47 - 000000000 ____D C:\ProgramData\Foxit Software
2018-06-11 03:46 - 2018-06-11 03:46 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2018-06-11 02:52 - 2018-06-15 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-06-11 02:52 - 2018-06-11 02:52 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Sun
2018-06-11 02:52 - 2018-06-11 02:51 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-06-11 02:50 - 2018-06-11 02:50 - 000000000 ____D C:\Program Files\Java
2018-06-11 00:19 - 2018-06-11 00:19 - 000003272 _____ C:\Windows\System32\Tasks\{38D4E838-B48D-41AC-AAA6-02EA4C71CA23}
2018-06-10 07:58 - 2018-06-15 01:43 - 000000000 ____D C:\Users\TEMP
2018-06-10 07:58 - 2018-06-10 08:29 - 000001044 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-06-10 07:58 - 2018-06-10 07:58 - 000095432 _____ C:\Users\TEMP\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-10 07:58 - 2018-06-10 07:58 - 000002217 _____ C:\Users\TEMP\Desktop\Google Chrome.lnk
2018-06-10 07:58 - 2018-06-10 07:58 - 000000020 ___SH C:\Users\TEMP\ntuser.ini
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\SoftThinks
2018-06-10 07:58 - 2018-06-10 07:58 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2018-06-10 07:58 - 2015-09-20 07:10 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Media Center Programs
2018-06-10 07:58 - 2012-02-10 10:30 - 000000000 ____D C:\Users\TEMP\AppData\Local\Western Digital
2018-06-07 17:56 - 2018-06-07 17:56 - 000093231 _____ C:\Users\ivan\My Documents\Bank Of America Account Closing Hacking 3215.pdf
2018-06-06 14:54 - 2018-06-06 14:54 - 000000043 _____ C:\Windows\gswin32.ini
2018-06-05 13:02 - 2018-06-15 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-05 13:02 - 2018-06-08 06:56 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-04 13:17 - 2018-06-04 13:17 - 000000000 ____D C:\Users\Public\Foxit Software
2018-06-04 13:17 - 2018-06-04 13:17 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Foxit AgentInformation
2018-06-04 13:16 - 2018-06-11 03:47 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Foxit Software
2018-06-04 12:42 - 2018-06-11 04:17 - 000000311 _____ C:\Users\ivan\.EjsConsole.txt
2018-06-04 12:33 - 2018-06-11 00:43 - 000000371 _____ C:\Users\ivan\.Ejs.txt
2018-06-04 12:33 - 2018-06-11 00:43 - 000000000 ____D C:\Users\ivan\.Ejs.tmp
2018-06-03 00:23 - 2018-06-03 00:23 - 000087021 _____ C:\Users\ivan\My Documents\Knife Tactical survival 325s billing 060218.pdf
2018-06-02 15:51 - 2018-06-02 15:51 - 000193663 _____ C:\Users\ivan\My Documents\spyhunter renewal bill 060218.pdf
2018-06-01 15:37 - 2018-06-01 15:37 - 000096364 _____ C:\Users\ivan\My Documents\striker knife fight fast 060118 billing.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-24 20:33 - 2016-12-19 07:14 - 000000000 ____D C:\FRST
2018-06-24 20:24 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-24 20:20 - 2014-11-29 18:38 - 000000000 ____D C:\Users\ivan\Desktop\virus removal and tools
2018-06-24 19:54 - 2013-03-05 21:07 - 000000000 ____D C:\Program Files\CPUID
2018-06-24 19:54 - 2013-03-05 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-06-24 19:16 - 2009-07-13 21:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-24 19:16 - 2009-07-13 21:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-24 18:39 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\NDF
2018-06-24 11:43 - 2014-03-21 07:35 - 000000000 ____D C:\Users\ivan\AppData\Local\CrashDumps
2018-06-24 09:37 - 2018-02-10 08:09 - 000000000 ____D C:\Program Files\IPVanish VPN
2018-06-24 00:47 - 2018-04-30 22:07 - 000000000 ____D C:\Users\ivan\My Documents\Library Part VI 041418
2018-06-23 20:55 - 2009-07-13 19:34 - 000000227 _____ C:\Windows\system.ini
2018-06-23 20:50 - 2009-07-13 19:34 - 125304832 _____ C:\Windows\system32\config\software.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 043778048 _____ C:\Windows\system32\config\system.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 001572864 _____ C:\Windows\system32\config\default.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 000061440 _____ C:\Windows\system32\config\sam.bak
2018-06-23 20:50 - 2009-07-13 19:34 - 000032768 _____ C:\Windows\system32\config\security.bak
2018-06-23 20:49 - 2014-03-22 12:31 - 000000000 ____D C:\Windows\erdnt
2018-06-23 19:58 - 2016-03-23 02:29 - 000000000 ____D C:\Program Files\Recuva
2018-06-23 19:14 - 2012-12-27 14:25 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-06-23 19:13 - 2015-01-09 00:30 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Wise Disk Cleaner
2018-06-23 18:32 - 2018-04-30 20:46 - 000000000 ____D C:\Users\ivan\My Documents\Calibre Library
2018-06-23 16:28 - 2012-12-28 20:49 - 000000000 ____D C:\Users\ivan\My Documents\Letter of Recomendations
2018-06-23 13:29 - 2012-01-01 10:45 - 000000000 ____D C:\Users\ivan\My Documents\CCleaner Backup
2018-06-23 12:52 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-06-23 12:27 - 2014-09-12 14:33 - 000000000 ____D C:\Users\ivan\My Documents\Newspaper Articles Commentaries News
2018-06-23 12:27 - 2012-12-31 16:21 - 000000000 ____D C:\Users\ivan\AppData\Roaming\PrimoPDF
2018-06-22 23:13 - 2018-04-27 07:14 - 000000000 ____D C:\EEK
2018-06-21 16:51 - 2018-04-26 09:36 - 000000629 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-06-21 09:49 - 2012-01-05 21:01 - 000000000 ____D C:\Calnetix Aspen Spreadsht Simulations
2018-06-21 09:49 - 2012-01-01 12:07 - 000000017 ____H C:\Windows\SysWOW64\servdat.slm
2018-06-21 09:37 - 2012-01-01 12:07 - 000000219 _____ C:\Windows\SysWOW64\lsprst7.tgz
2018-06-20 20:57 - 2011-12-31 17:35 - 000000000 ____D C:\Users\ivan
2018-06-20 15:12 - 2012-01-02 20:42 - 000000000 ____D C:\Program Files (x86)\MSECache
2018-06-20 08:18 - 2014-12-10 00:01 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-20 07:53 - 2016-12-19 07:12 - 002412544 _____ (Farbar) C:\Users\ivan\Desktop\FRST64.exe
2018-06-20 07:51 - 2016-10-17 05:09 - 000000000 ____D C:\ProgramData\SecTaskMan
2018-06-20 06:17 - 2013-06-14 17:48 - 000000000 ____D C:\Users\ivan\AppData\Local\ElevatedDiagnostics
2018-06-19 13:50 - 2018-04-27 12:55 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-06-19 11:43 - 2018-02-06 21:53 - 000000000 ____D C:\Users\ivan\My Documents\Library Part V 102417
2018-06-19 11:38 - 2014-03-24 17:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-19 11:33 - 2012-01-08 12:27 - 000000000 ____D C:\ProgramData\TEMP
2018-06-19 11:32 - 2009-07-13 22:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-06-19 11:06 - 2013-11-14 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-06-19 11:06 - 2011-04-25 18:30 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-06-19 11:06 - 2011-04-25 17:01 - 000000000 ____D C:\Temp
2018-06-19 11:05 - 2011-04-25 18:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-06-19 11:05 - 2011-04-25 16:48 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-06-19 08:02 - 2011-04-25 19:16 - 000000000 ____D C:\Windows\Panther
2018-06-19 00:41 - 2011-12-31 17:35 - 000000000 ____D C:\Users\ivan\AppData\Local\SoftThinks
2018-06-19 00:02 - 2011-04-25 17:01 - 000000000 ____D C:\Program Files (x86)\AlienRespawn
2018-06-18 18:30 - 2012-01-01 12:05 - 000000000 ____D C:\Users\ivan\AppData\Roaming\DAEMON Tools Lite
2018-06-18 17:58 - 2012-01-01 11:14 - 000000000 ____D C:\Software Download Files
2018-06-18 17:50 - 2012-01-01 11:05 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2018-06-18 15:49 - 2009-07-13 22:13 - 000966584 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-18 15:02 - 2012-01-01 11:08 - 000917032 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-06-18 15:01 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\registration
2018-06-18 09:38 - 2012-01-05 22:40 - 000000000 ____D C:\SO2 Caustic Scrubber
2018-06-18 08:29 - 2009-07-13 19:34 - 000017618 _____ C:\Windows\system32\Drivers\etc\services
2018-06-18 08:11 - 2014-02-26 10:15 - 000000000 ____D C:\Users\ivan\AppData\Roaming\AnvSoft
2018-06-18 08:10 - 2016-01-08 14:42 - 000000580 _____ C:\Users\ivan\Desktop\Casio unveils smart watch for the outdoors.website
2018-06-17 23:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\rescache
2018-06-17 17:11 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-06-17 15:51 - 2016-03-19 15:33 - 000001415 _____ C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-06-17 14:51 - 2013-11-14 15:29 - 000000000 ____D C:\Windows\system32\MRT
2018-06-17 14:47 - 2012-02-05 08:37 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-17 13:56 - 2018-02-08 07:52 - 000000000 ____D C:\Users\ivan\Desktop\Process Monitors
2018-06-15 13:56 - 2015-01-09 05:36 - 000095432 _____ C:\Users\ivan\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-15 13:56 - 2012-12-27 09:02 - 000001945 _____ C:\Windows\epplauncher.mif
2018-06-15 13:44 - 2013-03-03 11:19 - 000000000 ____D C:\e-ExMa
2018-06-15 13:38 - 2015-12-12 06:06 - 000000000 ____D C:\ProgramData\PCDr
2018-06-15 13:17 - 2018-02-05 09:46 - 000000000 ____D C:\ProgramData\SupportAssist
2018-06-15 11:57 - 2015-02-21 17:36 - 000000576 _____ C:\Users\ivan\Desktop\Create an XP Mode for Windows 7 Home Versions & Vista.website
2018-06-15 08:34 - 2016-03-10 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2018-06-15 08:33 - 2016-09-20 03:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2018-06-15 08:33 - 2016-09-14 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Port Scanner v2
2018-06-15 08:33 - 2016-05-04 02:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBMonitor
2018-06-15 08:33 - 2016-05-02 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NADetector
2018-06-15 08:33 - 2016-05-02 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoteDeviceExplorer
2018-06-15 08:33 - 2016-05-02 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetworkProcMonitor
2018-06-15 08:33 - 2016-01-30 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePortScanner
2018-06-15 08:33 - 2014-11-29 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeSysInfo
2018-06-15 08:33 - 2014-11-29 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BhoScanner
2018-06-15 08:33 - 2014-11-29 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoteServiceMonitoring
2018-06-15 08:33 - 2014-10-15 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schrodinger-2013-1
2018-06-15 08:33 - 2014-03-22 00:28 - 000000000 ____D C:\Program Files\HitmanPro
2018-06-15 08:33 - 2014-02-26 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-06-15 08:33 - 2013-11-21 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC Mathcad
2018-06-15 08:33 - 2012-12-30 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2018-06-15 08:33 - 2012-12-27 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2018-06-15 08:33 - 2012-12-27 08:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Utilities
2018-06-15 08:33 - 2012-12-27 06:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegAuditor
2018-06-15 08:33 - 2012-08-13 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Polymath Software
2018-06-15 08:33 - 2012-08-11 14:37 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Windows Performance Toolkit
2018-06-15 08:33 - 2012-05-26 03:20 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REFPROP
2018-06-15 08:33 - 2012-01-01 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenBabel 2.3.1
2018-06-15 08:33 - 2012-01-01 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-06-15 08:32 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\Msdtc
2018-06-15 01:55 - 2012-01-01 08:30 - 000000000 ____D C:\Windows\{B251C9DD-FCEA-4039-966F-B989C65D2302}
2018-06-15 01:55 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\ias
2018-06-15 01:54 - 2016-10-13 09:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-06-15 01:54 - 2016-03-05 15:26 - 000000000 ____D C:\Windows\system32\STRING
2018-06-15 01:54 - 2016-03-04 16:32 - 000000000 ____D C:\Windows\SysWOW64\shared
2018-06-15 01:54 - 2016-03-04 16:30 - 000000000 ____D C:\Windows\SysWOW64\chdl
2018-06-15 01:54 - 2015-07-31 16:40 - 000000000 ____D C:\Windows\PIXTRAN
2018-06-15 01:54 - 2014-10-15 14:43 - 000000000 ____D C:\Windows\SysWOW64\instcheck-engineering-diagnostics
2018-06-15 01:54 - 2014-03-15 15:09 - 000000000 ____D C:\Windows\en
2018-06-15 01:54 - 2014-02-26 09:33 - 000000000 ____D C:\Windows\SysWOW64\SmitfraudFix
2018-06-15 01:54 - 2012-02-04 19:16 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-06-15 01:54 - 2012-01-18 19:38 - 000000000 ____D C:\Windows\pss
2018-06-15 01:54 - 2012-01-04 05:52 - 000000000 ____D C:\Windows\system32\SPReview
2018-06-15 01:54 - 2012-01-04 05:51 - 000000000 ____D C:\Windows\system32\EventProviders
2018-06-15 01:54 - 2011-12-31 16:22 - 000000000 ____D C:\Windows\SMINST
2018-06-15 01:54 - 2011-04-25 18:30 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-06-15 01:54 - 2009-07-14 00:45 - 000000000 ____D C:\Windows\ShellNew
2018-06-15 01:54 - 2009-07-13 22:32 - 000000000 ____D C:\Windows\Offline Web Pages
2018-06-15 01:54 - 2009-07-13 22:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 __RSD C:\Windows\Media
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\TAPI
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\spool
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\IME
2018-06-15 01:54 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\Help
2018-06-15 01:53 - 2018-02-08 07:55 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Runscanner.net
2018-06-15 01:53 - 2018-02-08 07:41 - 000000000 ____D C:\Users\ivan\My Documents\Bankruptcy Documents 0ct 2017
2018-06-15 01:53 - 2017-08-03 21:45 - 000000000 ____D C:\Users\ivan\My Documents\RegRun2
2018-06-15 01:53 - 2016-12-18 17:20 - 000000000 ____D C:\Users\ivan\AppData\Local\ToolwizCareFree
2018-06-15 01:53 - 2016-10-17 06:33 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2018-06-15 01:53 - 2016-10-17 06:33 - 000000000 ____D C:\Users\ivan\AppData\Roaming\IrfanView
2018-06-15 01:53 - 2016-09-26 02:06 - 000000000 ____D C:\Users\ivan\Desktop\port scanners
2018-06-15 01:53 - 2016-04-08 08:21 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto
2018-06-15 01:53 - 2016-02-25 07:30 - 000000000 ___RD C:\Users\ivan\Dropbox
2018-06-15 01:53 - 2015-12-30 09:23 - 000000000 ____D C:\Users\ivan\AppData\Local\FreeFixer
2018-06-15 01:53 - 2015-02-24 07:26 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore Explorer
2018-06-15 01:53 - 2015-02-21 18:30 - 000000000 ____D C:\Users\ivan\AppData\Roaming\VMware
2018-06-15 01:53 - 2015-01-13 11:57 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2014
2018-06-15 01:53 - 2015-01-06 14:22 - 000000000 ____D C:\Users\ivan\AppData\Local\OurrarUdl
2018-06-15 01:53 - 2014-12-31 07:43 - 000000000 ____D C:\uninstall
2018-06-15 01:53 - 2014-11-05 00:06 - 000000000 ____D C:\Users\ivan\AppData\Roaming\dvdcss
2018-06-15 01:53 - 2014-11-05 00:04 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Digiarty
2018-06-15 01:53 - 2014-10-15 14:10 - 000000000 ____D C:\Schrodinger2013-1_x86
2018-06-15 01:53 - 2014-05-11 13:53 - 000000000 ____D C:\SpectrumView
2018-06-15 01:53 - 2014-03-15 06:25 - 000000000 ____D C:\Users\ivan\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2018-06-15 01:53 - 2014-03-02 22:07 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Expired Cookies Cleaner
2018-06-15 01:53 - 2014-02-16 06:57 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2018-06-15 01:53 - 2014-02-08 13:27 - 000000000 ____D C:\Users\ivan\AppData\Roaming\DVDVideoSoft
2018-06-15 01:53 - 2013-06-15 01:53 - 000000000 ____D C:\Users\ivan\Downloads\pagefixzip
2018-06-15 01:53 - 2013-04-15 04:34 - 000000000 ____D C:\Users\ivan\dell retrived contents
2018-06-15 01:53 - 2013-03-05 21:09 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2018-06-15 01:53 - 2013-03-05 17:53 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner
2018-06-15 01:53 - 2012-12-30 03:14 - 000000000 ____D C:\Users\ivan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-15 01:53 - 2012-12-29 11:31 - 000000000 ____D C:\Users\ivan\My Documents\calibre 64bit - E-book Management
2018-06-15 01:53 - 2012-06-16 08:15 - 000000000 ___RD C:\Users\ivan\My Documents\Scanned Documents
2018-06-15 01:53 - 2012-01-22 17:17 - 000000000 ___SD C:\Users\ivan\My Documents\My Shapes
2018-06-15 01:53 - 2012-01-03 21:55 - 000000000 ___SD C:\Users\ivan\My Shapes
2018-06-15 01:53 - 2009-07-13 20:20 - 000000000 __RHD C:\Users\Public\Libraries
2018-06-15 01:53 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\AppCompat
2018-06-15 01:52 - 2018-05-02 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nonlinear Oscillations
2018-06-15 01:52 - 2018-05-02 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Physics of Oscillations
2018-06-15 01:52 - 2018-05-02 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planets and Satellites
2018-06-15 01:52 - 2018-02-10 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2018-06-15 01:52 - 2018-02-09 07:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yet Another (remote) Process Monitor
2018-06-15 01:52 - 2018-02-09 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\What's my computer doing
2018-06-15 01:52 - 2018-02-09 07:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\What's Running
2018-06-15 01:52 - 2018-02-09 07:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2018-06-15 01:52 - 2018-02-09 07:25 - 000000000 ____D C:\Program Files\Process Hacker 2
2018-06-15 01:52 - 2018-02-08 07:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2018-06-15 01:52 - 2017-08-03 05:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-06-15 01:52 - 2016-12-20 05:59 - 000000000 ____D C:\Program Files\Registrar Registry Manager
2018-06-15 01:52 - 2016-12-19 03:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Files Finder
2018-06-15 01:52 - 2016-12-18 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dupeGuru
2018-06-15 01:52 - 2016-12-18 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ToolwizCareFree
2018-06-15 01:52 - 2016-10-17 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apache HTTP Server 2.2
2018-06-15 01:52 - 2016-10-17 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.24.0 Build 2400 (64-bit)
2018-06-15 01:52 - 2016-10-16 06:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2018-06-15 01:52 - 2016-10-15 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
2018-06-15 01:52 - 2016-10-14 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACDLabs Freeware 2015
2018-06-15 01:52 - 2016-10-13 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2018-06-15 01:52 - 2016-10-13 11:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2018-06-15 01:52 - 2016-10-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-06-15 01:52 - 2016-10-04 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-06-15 01:52 - 2016-09-28 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2900 series User Registration
2018-06-15 01:52 - 2016-09-21 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect Network Scanner
2018-06-15 01:52 - 2016-09-21 07:38 - 000000000 ____D C:\Program Files\SoftPerfect Network Scanner
2018-06-15 01:52 - 2016-09-07 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitheris Network Discovery
2018-06-15 01:52 - 2016-05-27 06:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram CDF Player
2018-06-15 01:52 - 2016-05-02 06:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2018-06-15 01:52 - 2016-05-02 06:34 - 000000000 ____D C:\Program Files\SoftPerfect WiFi Guard
2018-06-15 01:52 - 2016-04-29 21:03 - 000000000 ____D C:\ProgramData\Licenses
2018-06-15 01:52 - 2016-04-29 21:03 - 000000000 ____D C:\Program Files\WinPcap
2018-06-15 01:52 - 2016-04-14 06:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2900 series Manual
2018-06-15 01:52 - 2016-03-23 02:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-06-15 01:52 - 2016-03-06 00:40 - 000000000 ___HD C:\ProgramData\CanonIJScan
2018-06-15 01:52 - 2016-03-05 20:41 - 000000000 ___HD C:\ProgramData\CanonIJEGV
2018-06-15 01:52 - 2016-03-05 15:14 - 000000000 ___HD C:\ProgramData\CanonIJETV
2018-06-15 01:52 - 2016-03-04 16:14 - 000000000 ____D C:\ProgramData\BOINC
2018-06-15 01:52 - 2016-02-27 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
2018-06-15 01:52 - 2015-12-13 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-06-15 01:52 - 2015-12-13 19:40 - 000000000 ____D C:\Program Files\Speccy
2018-06-15 01:52 - 2015-12-10 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus
2018-06-15 01:52 - 2015-12-08 05:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2018-06-15 01:52 - 2015-07-31 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Converter Professional 8
2018-06-15 01:52 - 2015-04-11 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2018-06-15 01:52 - 2015-04-03 16:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2018-06-15 01:52 - 2015-01-13 05:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2014
2018-06-15 01:52 - 2015-01-09 05:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Disk Cleaner
2018-06-15 01:52 - 2014-12-31 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Extreme Tuning Utility
2018-06-15 01:52 - 2014-05-14 06:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Analyser
2018-06-15 01:52 - 2014-05-11 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpectrumView
2018-06-15 01:52 - 2014-04-23 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 10
2018-06-15 01:52 - 2014-04-11 07:41 - 000000000 ____D C:\ProgramData\RapidSolution
2018-06-15 01:52 - 2014-03-22 00:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-06-15 01:52 - 2014-03-22 00:28 - 000000000 ____D C:\ProgramData\HitmanPro
2018-06-15 01:52 - 2014-02-26 22:51 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-06-15 01:52 - 2013-11-21 04:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTC
2018-06-15 01:52 - 2013-11-17 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMSOL 4.3a
2018-06-15 01:52 - 2013-11-15 12:22 - 000000000 ____D C:\QB64
2018-06-15 01:52 - 2013-11-15 02:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spartan '14 V1.1.0 (x86)
2018-06-15 01:52 - 2013-06-20 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2018-06-15 01:52 - 2013-06-20 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIMzLAB
2018-06-15 01:52 - 2013-06-19 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOPAC 2009
2018-06-15 01:52 - 2013-06-19 19:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHEMKED I & II
2018-06-15 01:52 - 2013-06-19 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
2018-06-15 01:52 - 2013-06-15 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PageFix 2.0
2018-06-15 01:52 - 2013-05-16 19:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint
2018-06-15 01:52 - 2012-12-30 03:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-06-15 01:52 - 2012-12-30 03:13 - 000000000 ____D C:\Program Files\WinRAR
2018-06-15 01:52 - 2012-12-29 18:15 - 000000000 ____D C:\Program Files\WinDjView
2018-06-15 01:52 - 2012-12-29 07:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2018-06-15 01:52 - 2012-12-27 17:35 - 000000000 ____D C:\Program Files\Psexec
2018-06-15 01:52 - 2012-12-27 05:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
2018-06-15 01:52 - 2012-12-27 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GaussView 5.0
2018-06-15 01:52 - 2012-08-11 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debugging Tools for Windows (x64)
2018-06-15 01:52 - 2012-08-11 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier (x64)
2018-06-15 01:52 - 2012-08-11 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Application Verifier
2018-06-15 01:52 - 2012-08-11 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows SDK v7.1
2018-06-15 01:52 - 2012-08-04 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Inspector for Windows
2018-06-15 01:52 - 2012-07-28 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Rider
2018-06-15 01:52 - 2012-07-23 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2018-06-15 01:52 - 2012-07-23 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostgum
2018-06-15 01:52 - 2012-02-01 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.14.2 Build 1402 (64-bit)
2018-06-15 01:52 - 2012-01-01 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AspenTech
2018-06-15 01:52 - 2012-01-01 12:05 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2018-06-15 01:52 - 2012-01-01 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaussian 09W
2018-06-15 01:52 - 2012-01-01 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spartan '10 V1.0.1
2018-06-15 01:52 - 2012-01-01 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2018-06-15 01:52 - 2012-01-01 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RasWin
2018-06-15 01:52 - 2012-01-01 10:55 - 000000000 ____D C:\ProgramData\Advanced Chemistry Development
2018-06-15 01:52 - 2012-01-01 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMopac
2018-06-15 01:52 - 2012-01-01 09:04 - 000000000 ____D C:\ProgramData\Ezprint
2018-06-15 01:52 - 2012-01-01 09:04 - 000000000 ____D C:\ProgramData\Dl_cats
2018-06-15 01:52 - 2012-01-01 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-06-15 01:52 - 2011-04-25 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Documentation
2018-06-15 01:52 - 2011-04-25 17:08 - 000000000 ____D C:\ProgramData\FLEXnet
2018-06-15 01:52 - 2011-04-25 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2018-06-15 01:52 - 2011-04-25 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AlienRespawn
2018-06-15 01:52 - 2011-04-25 16:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-06-15 01:52 - 2009-07-13 22:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-15 01:52 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-06-15 01:51 - 2016-10-15 19:58 - 000000000 ____D C:\Program Files\IrfanView
2018-06-15 01:51 - 2016-10-06 18:12 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-06-15 01:51 - 2016-02-27 18:47 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1
2018-06-15 01:51 - 2015-12-08 05:51 - 000000000 ____D C:\Program Files\HWiNFO64
2018-06-15 01:51 - 2015-07-24 11:32 - 000000000 ____D C:\Program Files\Dell Printable Web
2018-06-15 01:51 - 2015-04-11 17:45 - 000000000 ____D C:\Program Files\Defraggler
2018-06-15 01:51 - 2012-08-11 14:37 - 000000000 ____D C:\Program Files\Microsoft Windows Performance Toolkit
2018-06-15 01:51 - 2012-08-11 14:36 - 000000000 ____D C:\Program Files\Debugging Tools for Windows (x64)
2018-06-15 01:51 - 2012-01-01 11:38 - 000000000 ____D C:\Program Files\MOPAC
2018-06-15 01:51 - 2012-01-01 11:06 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2018-06-15 01:50 - 2018-05-02 14:11 - 000000000 ____D C:\Program Files (x86)\Physics of Oscillations
2018-06-15 01:50 - 2018-02-10 20:05 - 000000000 ____D C:\Program Files (x86)\GlassWire
2018-06-15 01:50 - 2018-02-09 07:50 - 000000000 ____D C:\Program Files (x86)\Yet Another (remote) Process Monitor
2018-06-15 01:50 - 2018-02-09 07:31 - 000000000 ____D C:\Program Files (x86)\What's my computer doing
2018-06-15 01:50 - 2018-02-09 07:30 - 000000000 ____D C:\Program Files (x86)\WhatsRunning
2018-06-15 01:50 - 2017-08-03 05:08 - 000000000 ____D C:\Program Files\7-Zip
2018-06-15 01:50 - 2016-12-18 17:20 - 000000000 ____D C:\Program Files (x86)\ToolwizCareFree
2018-06-15 01:50 - 2016-10-06 18:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-06-15 01:50 - 2016-03-04 16:12 - 000000000 ____D C:\Program Files\BitTorrent
2018-06-15 01:50 - 2015-12-08 05:30 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2018-06-15 01:50 - 2015-07-31 16:25 - 000000000 ____D C:\Program Files (x86)\Microsoft ActiveSync
2018-06-15 01:50 - 2015-05-07 02:20 - 000000000 ____D C:\Program Files (x86)\Scan-X
2018-06-15 01:50 - 2015-03-12 23:53 - 000000000 ____D C:\Program Files (x86)\WinRarPasswordRemover
2018-06-15 01:50 - 2015-02-24 07:26 - 000000000 ____D C:\Program Files (x86)\System Restore Explorer
2018-06-15 01:50 - 2015-01-13 05:10 - 000000000 ____D C:\Program Files (x86)\jv16 PowerTools 2014
2018-06-15 01:50 - 2014-05-14 06:26 - 000000000 ____D C:\Program Files (x86)\Visual Analyser
2018-06-15 01:50 - 2014-05-12 14:57 - 000000000 ____D C:\Program Files (x86)\TrueRTA_3
2018-06-15 01:50 - 2013-06-20 16:18 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2018-06-15 01:50 - 2013-06-18 10:12 - 000000000 ____D C:\Program Files\Bonjour
2018-06-15 01:50 - 2013-06-15 01:53 - 000000000 ____D C:\Program Files (x86)\PageFix 2.0
2018-06-15 01:50 - 2013-03-05 21:09 - 000000000 ____D C:\Program Files (x86)\GPU-Z
2018-06-15 01:50 - 2013-01-06 22:21 - 000000000 ____D C:\Program Files (x86)\SimzLab
2018-06-15 01:50 - 2012-12-30 03:29 - 000000000 ____D C:\Program Files (x86)\IrfanView
2018-06-15 01:50 - 2012-12-29 09:17 - 000000000 ____D C:\Program Files (x86)\Startup Lite
2018-06-15 01:50 - 2012-12-27 08:07 - 000000000 ____D C:\Program Files (x86)\Free Window Registry Repair
2018-06-15 01:50 - 2012-08-11 14:36 - 000000000 ____D C:\Program Files\Application Verifier (x64)
2018-06-15 01:50 - 2012-08-04 22:24 - 000000000 ____D C:\Program Files (x86)\Startup Inspector for Windows
2018-06-15 01:50 - 2012-07-28 09:16 - 000000000 ____D C:\Program Files (x86)\PDFRider
2018-06-15 01:50 - 2012-05-26 03:20 - 000000000 ____D C:\Program Files (x86)\REFPROP
2018-06-15 01:50 - 2012-01-08 19:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2018-06-15 01:50 - 2012-01-01 16:09 - 000000000 ____D C:\Program Files (x86)\GASEQ
2018-06-15 01:50 - 2012-01-01 11:00 - 000000000 ____D C:\Program Files (x86)\RasWin
2018-06-15 01:50 - 2012-01-01 10:57 - 000000000 ____D C:\Program Files (x86)\OpenBabel-2.3.1
2018-06-15 01:50 - 2012-01-01 10:46 - 000000000 ____D C:\Program Files (x86)\WinMopac
2018-06-15 01:50 - 2012-01-01 00:17 - 000000000 ____D C:\Program Files\CCleaner
2018-06-15 01:50 - 2009-07-13 22:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2018-06-15 01:49 - 2016-12-19 03:44 - 000000000 ____D C:\Program Files (x86)\Duplicate Files Finder
2018-06-15 01:49 - 2016-10-14 15:08 - 000000000 ____D C:\ACD2015FREE
2018-06-15 01:49 - 2016-10-04 09:59 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2018-06-15 01:49 - 2016-09-20 03:34 - 000000000 ____D C:\Program Files (x86)\Advanced IP Scanner
2018-06-15 01:49 - 2016-09-14 17:57 - 000000000 ____D C:\Program Files (x86)\Advanced Port Scanner
2018-06-15 01:49 - 2016-03-04 18:52 - 000000000 ____D C:\Program Files (x86)\DLLEscort
2018-06-15 01:49 - 2015-12-10 20:03 - 000000000 ____D C:\Program Files (x86)\ClamWin
2018-06-15 01:49 - 2015-08-01 09:54 - 000000000 ____D C:\AdwCleaner
2018-06-15 01:49 - 2014-04-04 02:39 - 000000000 ____D C:\eptsoft basic programing
2018-06-15 01:49 - 2014-04-03 10:34 - 000000000 ____D C:\eptsoft computing
2018-06-15 01:49 - 2014-04-03 10:08 - 000000000 ____D C:\eptsoft
2018-06-15 01:49 - 2014-03-02 22:07 - 000000000 ____D C:\Program Files (x86)\Expired Cookies Cleaner
2018-06-15 01:49 - 2013-06-18 10:12 - 000000000 ____D C:\Program Files (x86)\Bonjour
2018-06-15 01:49 - 2013-05-16 19:33 - 000000000 ____D C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint
2018-06-15 01:49 - 2012-12-29 09:10 - 000000000 ____D C:\Program Files (x86)\Chameleon
2018-06-15 01:49 - 2012-12-29 07:52 - 000000000 ____D C:\Program Files (x86)\FileASSASSIN
2018-06-15 01:49 - 2012-12-27 15:41 - 000000000 ____D C:\gamess.64
2018-06-15 01:49 - 2012-08-11 14:36 - 000000000 ____D C:\Program Files (x86)\Application Verifier
2018-06-15 01:49 - 2012-05-19 14:05 - 000000000 ____D C:\Program Files (x86)\Astroburn Lite
2018-06-15 01:49 - 2012-02-04 19:16 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-06-15 01:49 - 2012-01-05 21:01 - 000000000 ____D C:\Mopac Input Files
2018-06-15 01:49 - 2012-01-01 12:01 - 000000000 ____D C:\Aspen License
2018-06-15 01:49 - 2012-01-01 11:29 - 000000000 ____D C:\G09W
2018-06-15 01:49 - 2012-01-01 11:12 - 000000000 ____D C:\Program Files (x86)\ChemkedII34
2018-06-15 01:49 - 2012-01-01 11:10 - 000000000 ____D C:\Program Files (x86)\Chemked40
2018-06-15 01:48 - 2012-06-04 13:43 - 000000000 ____D C:\Dell
2018-06-15 01:47 - 2009-07-13 20:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-06-15 01:45 - 2018-02-19 08:12 - 000000000 ____D C:\Program Files\RogueKiller
2018-06-15 01:45 - 2014-02-16 06:57 - 000000000 ____D C:\Program Files\Unlocker
2018-06-15 01:44 - 2018-02-19 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-06-15 01:44 - 2016-08-28 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-06-15 01:44 - 2014-12-10 00:01 - 000000000 ____D C:\ProgramData\RogueKiller
2018-06-15 01:42 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\servicing
2018-06-15 01:41 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\system32\sysprep
2018-06-14 20:55 - 2016-03-17 09:28 - 000000479 _____ C:\Users\ivan\Desktop\Healing Mudras.website
2018-06-14 19:44 - 2009-07-13 22:08 - 000032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-06-14 12:02 - 2015-12-27 17:01 - 000002186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-12 19:19 - 2017-08-03 21:45 - 000000000 ____D C:\Users\ivan\My Documents\Linkedin Posts Gargurevich
2018-06-12 19:08 - 2018-02-08 07:41 - 000000000 ____D C:\Users\ivan\My Documents\Civil Rights Violations Wildomar DA Statement 013018
2018-06-12 19:06 - 2012-12-28 20:48 - 000000000 ____D C:\Users\ivan\My Documents\Cedar Spring Court Conflict
2018-06-11 02:52 - 2012-01-01 00:20 - 000000000 ____D C:\Users\ivan\AppData\LocalLow\Sun
2018-06-11 02:51 - 2013-11-16 03:48 - 000000000 ____D C:\ProgramData\Oracle
2018-06-10 17:11 - 2013-11-19 06:52 - 000000503 _____ C:\Users\ivan\Desktop\Crash Course in Basic Night Sky Observing Day 3  One-Minute Astronomer.website
2018-06-10 17:09 - 2013-11-19 06:52 - 000000519 _____ C:\Users\ivan\Desktop\Amateur Observers' Beginner's Guide.website
2018-06-10 12:21 - 2014-03-29 13:59 - 000000000 ____D C:\Users\ivan\AppData\Local\calibre-cache
2018-06-07 18:32 - 2016-10-13 13:51 - 000000000 ____D C:\Users\ivan\AppData\Roaming\WiseUpdate
2018-06-07 15:59 - 2012-08-04 22:28 - 000000000 ____D C:\Users\ivan\AppData\Roaming\wsInspector
2018-06-06 15:04 - 2015-02-06 05:09 - 000011407 _____ C:\Users\ivan\gsview64.ini
2018-06-04 11:46 - 2017-08-02 19:36 - 000000000 ____D C:\Users\ivan\My Documents\Library Part IV 06202017
2018-06-03 20:11 - 2014-03-14 23:11 - 000012800 _____ C:\Users\ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-01 18:11 - 2018-04-30 21:06 - 000000000 ____D C:\Users\ivan\My Documents\My Kindle Content
2018-05-31 14:23 - 2016-09-16 06:38 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-31 14:23 - 2016-09-16 06:38 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-31 14:23 - 2014-08-15 05:55 - 000000000 ____D C:\Users\ivan\AppData\Local\Adobe
2018-05-31 14:23 - 2012-01-07 03:01 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-31 14:23 - 2011-04-25 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-31 13:44 - 2009-07-13 19:34 - 125304832 _____ C:\Windows\system32\config\software.rmbak
2018-05-31 13:44 - 2009-07-13 19:34 - 001572864 _____ C:\Windows\system32\config\default.rmbak
2018-05-28 07:54 - 2018-05-03 17:37 - 000000584 _____ C:\Users\ivan\Desktop\Can I Keep My Car in Chapter 7 Bankruptcy - AllLaw.com.website
2018-05-28 07:54 - 2018-05-03 04:05 - 000000592 _____ C:\Users\ivan\Desktop\Can I Keep My Car in Bankruptcy .website
2018-05-28 06:20 - 2018-05-17 08:49 - 000000000 ____D C:\Users\ivan\My Documents\credit report fraud alert 051718

==================== Files in the root of some directories =======

2012-01-02 14:56 - 2011-05-11 19:08 - 685513468 _____ () C:\Program Files\S154G122P17T2274146441757FB.zip
2014-12-05 06:49 - 2014-12-05 06:49 - 015728304 _____ () C:\Program Files (x86)\jv16pt_setup.exe
2014-03-15 12:34 - 2014-11-04 21:58 - 000000096 _____ () C:\Users\ivan\AppData\Roaming\Camdata.ini
2014-03-15 12:34 - 2014-11-04 21:58 - 000000408 _____ () C:\Users\ivan\AppData\Roaming\CamLayout.ini
2014-03-15 12:34 - 2014-11-04 21:58 - 000000408 _____ () C:\Users\ivan\AppData\Roaming\CamShapes.ini
2014-03-15 12:34 - 2014-11-04 21:58 - 000004531 _____ () C:\Users\ivan\AppData\Roaming\CamStudio.cfg
2014-03-15 13:52 - 2014-03-19 21:52 - 000000000 _____ () C:\Users\ivan\AppData\Roaming\CamStudio.Producer.Data.ini
2014-03-15 13:52 - 2014-03-19 21:52 - 000001206 _____ () C:\Users\ivan\AppData\Roaming\CamStudio.Producer.ini
2015-01-08 21:49 - 2015-01-09 05:27 - 000000115 _____ () C:\Users\ivan\AppData\Roaming\LogFile.txt
2014-02-08 14:53 - 2014-02-08 14:53 - 000007859 _____ () C:\Users\ivan\AppData\Roaming\pcouffin.cat
2014-02-08 14:53 - 2014-02-08 14:53 - 000001167 _____ () C:\Users\ivan\AppData\Roaming\pcouffin.inf
2014-02-08 14:53 - 2014-02-26 05:50 - 000000055 _____ () C:\Users\ivan\AppData\Roaming\pcouffin.log
2014-02-08 14:53 - 2014-02-08 14:53 - 000082816 _____ (VSO Software) C:\Users\ivan\AppData\Roaming\pcouffin.sys
2015-01-13 05:11 - 2015-01-13 05:11 - 000000024 ___SH () C:\Users\ivan\AppData\Roaming\System5908ConfigCollection.dat
2014-03-15 10:47 - 2014-11-04 21:58 - 000000096 _____ () C:\Users\ivan\AppData\Roaming\version2.xml
2014-03-14 23:11 - 2018-06-03 20:11 - 000012800 _____ () C:\Users\ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-07 23:53 - 2018-02-19 20:12 - 000007599 _____ () C:\Users\ivan\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-17 23:47

==================== End of FRST.txt ============================

 

 

I   ran FRST after the fix and the results:

 

 

 

 

Attached Files



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,541 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:23 AM

Posted 25 June 2018 - 08:47 AM

Hi,

Good work.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users