Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected with Agent malware please help


  • This topic is locked This topic is locked
5 replies to this topic

#1 spoonman21

spoonman21

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:10:33 PM

Posted 29 July 2018 - 04:47 PM

Hello,

 

I recently purchased Superantispyware for my Dell PC and it came back with some unrecognizable files and such.

 

After a little research it appears I might be infected with something called Agent malware.

 

If I could get some help removing this thing I would greatly appreciate it.

 

Thanks 

 

Spoonman21

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2018
Ran by shawn (29-07-2018 16:46:00)
Running from C:\Users\shawn\Desktop
Windows 10 Home Version 1803 17134.191 (X64) (2018-07-22 03:55:56)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2601882220-278460563-2001962017-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2601882220-278460563-2001962017-503 - Limited - Disabled)
Guest (S-1-5-21-2601882220-278460563-2001962017-501 - Limited - Disabled)
shawn (S-1-5-21-2601882220-278460563-2001962017-1001 - Administrator - Enabled) => C:\Users\shawn
WDAGUtilityAccount (S-1-5-21-2601882220-278460563-2001962017-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Crucial Storage Executive (HKU\S-1-5-21-2601882220-278460563-2001962017-1001\...\Crucial Storage Executive 3.55.032018.04) (Version: 3.55.032018.04 - Crucial)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.75 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
IPVanish (HKLM\...\{F37899FA-64B1-4F74-885C-CF177117777B}) (Version: 3.1.3.0 - IPVanish) Hidden
IPVanish (HKLM-x32\...\IPVanish 3.1.3.0) (Version: 3.1.3.0 - IPVanish)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2601882220-278460563-2001962017-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
NVIDIA Graphics Driver 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.25 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1260 - SUPERAntiSpyware.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Tweaking.com - Simple System Tweaker (HKLM-x32\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.24 - Tweaking.com)
UCheck version 2.3.5.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 2.3.5.0 - Adlice Software)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2018-04-11] (Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxDTCM.dll [2017-11-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {459E8834-F431-4384-A6EB-6296B6077E16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-21] (Microsoft Corporation)
Task: {494EBEFC-E3EB-47EC-97AC-B8B1A94D681C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-21] (Microsoft Corporation)
Task: {53EE9CF4-3FD6-4DEF-B583-98631BBBA824} - System32\Tasks\SUPERAntiSpyware Scheduled Task 37dea2c7-b66d-44cc-956a-4b582018e36d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6F6F50AC-8DB8-4E94-9733-4D75E1602B26} - System32\Tasks\IPVanish.VpnClient => C:\Program Files\IPVanish VPN\IPVanish.VpnClient.exe [2018-04-13] (IPVanish)
Task: {7894546A-BDE3-4DFF-8DF4-D60C5E8796A8} - System32\Tasks\SUPERAntiSpyware Scheduled Task 596dd88c-e4bf-410d-9102-303d12830101 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {7B0B337A-0297-45C7-9C7C-9A2516A19C96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-21] (Microsoft Corporation)
Task: {8C6787A8-23A9-4641-B281-12DD7D0CD1CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-23] (Google Inc.)
Task: {A00BC608-C4DF-4A15-AE96-B9582F8509BB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-07-24] (AVAST Software)
Task: {B269B843-84FE-4992-9C5F-1B472A32DCCC} - System32\Tasks\S-1-5-21-2601882220-278460563-2001962017-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {CFB2B465-614A-49EB-8631-14285ECA1808} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-21] (Microsoft Corporation)
Task: {EB24F690-1283-40D7-A33B-22D675D572FD} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {F627F7AB-1537-4707-9E4A-DC2F465022C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-23] (Google Inc.)
Task: {F886E2F7-E6A7-46C3-8D60-329A589B77C4} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-11-22] (Realtek Semiconductor)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 37dea2c7-b66d-44cc-956a-4b582018e36d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 596dd88c-e4bf-410d-9102-303d12830101.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-04 18:03 - 2018-04-04 18:03 - 000173760 _____ () C:\Windows\system32\IntelWifiIhv04.dll
2018-07-25 18:43 - 2018-07-25 18:43 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-21 21:14 - 2018-07-06 01:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-21 21:10 - 2018-07-21 21:11 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-21 21:10 - 2018-07-21 21:11 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-21 21:10 - 2018-07-21 21:11 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-21 21:10 - 2018-07-21 21:11 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-21 21:10 - 2018-07-21 21:11 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-25 19:16 - 2018-07-25 19:17 - 035195392 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-07-25 19:16 - 2018-07-25 19:17 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-07-25 19:16 - 2018-07-25 19:17 - 006373376 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-04-12 04:22 - 2018-04-12 04:22 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-25 19:16 - 2018-07-25 19:17 - 008903168 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-07-27 09:35 - 2018-07-23 15:13 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.75\libglesv2.dll
2018-07-27 09:35 - 2018-07-23 15:13 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.75\libegl.dll
2018-07-27 09:10 - 2018-07-27 09:10 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-07-27 09:10 - 2018-07-27 09:10 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-07-27 09:10 - 2018-07-27 09:10 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-07-27 09:10 - 2018-07-27 09:10 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-21 21:10 - 2018-07-21 21:12 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-07-27 09:10 - 2018-07-27 09:10 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-27 09:10 - 2018-07-27 09:10 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-03-28 13:06 - 2018-03-28 13:06 - 000108934 _____ () C:\Program Files\IPVanish VPN\OpenVPN\libpkcs11-helper-1.dll
2018-03-28 13:06 - 2018-03-28 13:06 - 000168687 _____ () C:\Program Files\IPVanish VPN\OpenVPN\liblzo2-2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2601882220-278460563-2001962017-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\shawn\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Tundra 3 (2018_04_18 05_44_29 UTC).JPG
DNS Servers: 198.18.0.1 - 198.18.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2601882220-278460563-2001962017-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{37071297-8ACE-4AFD-A6AD-A200AA91A42B}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{4C07ABB3-91ED-4AA2-8293-CCE83B099489}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [TCP Query User{144CE851-A785-41E2-9764-D9974D311E33}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{03AE01F0-4E98-484C-9FE7-0970905C1553}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{7406408F-D697-40E3-A38D-805DC813DA6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{65C571E7-3A52-49FA-97E2-C02E91F54D03}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7FD23C1D-CBBD-47E8-8E35-39915C233EF2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D62580DA-DB4D-4F7A-9B23-C63628308FD8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6D6E19BF-22B7-465C-A362-4AA014DCB319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{56CA27B5-8108-4937-A839-479ED39BE251}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe
FirewallRules: [{BDF5285F-2934-4D71-9496-51D77FCB76F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe
FirewallRules: [{AF1A0DEB-B9D1-4435-A1D5-FDE99F4134E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe
FirewallRules: [{FB730CA9-7154-4FFD-8418-7853EFE599DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{D1C6AF99-2D1C-4651-AF9F-E7D963BCE772}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe
FirewallRules: [{76E065E5-DAA5-4A73-9430-72CC7DFFB2B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
23-07-2018 09:57:32 Windows Backup
24-07-2018 12:04:28 Installed DirectX
25-07-2018 18:45:29 IIF_MSI
25-07-2018 19:36:50 manual point
27-07-2018 09:26:13 JRT Pre-Junkware Removal
27-07-2018 20:37:15 Revo Uninstaller's restore point - Auslogics Duplicate File Finder
27-07-2018 20:38:58 Revo Uninstaller's restore point - PDF Architect 6
27-07-2018 20:39:51 Revo Uninstaller's restore point - PDF Architect 6
27-07-2018 20:42:13 Revo Uninstaller's restore point - PDFCreator
27-07-2018 20:55:37 Revo Uninstaller's restore point - PDF-XChange Editor
27-07-2018 21:07:33 Revo Uninstaller's restore point - NetSpot
27-07-2018 21:35:59 Windows Modules Installer
28-07-2018 00:31:44 Revo Uninstaller's restore point - NirSoft IPNetInfo
28-07-2018 00:32:08 Revo Uninstaller's restore point - NirSoft Wireless Network Watcher
28-07-2018 00:32:35 Revo Uninstaller's restore point - Wondershare Video Converter Ultimate(Build 10.2.6.168)
28-07-2018 00:33:21 Revo Uninstaller's restore point - Wondershare Helper Compact 2.5.3
28-07-2018 00:34:12 Revo Uninstaller's restore point - SmartByte Drivers and Services
28-07-2018 00:36:08 Revo Uninstaller's restore point - Duplicate Photo Finder
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/29/2018 03:04:15 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 140004745 ms
 
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function:  PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:  
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function:  EsifServices::primitiveExecuteSetAsUInt32
Message:  Error returned from ESIF services interface function call
Participant:  TCPU [0]
Domain:  CPU [1]
ESIF Primitive:  SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_ACPI_EVAL_FAILURE [1105]
 
 
Policy:  Passive Policy [1]
 
Error: (07/29/2018 03:04:15 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 140004737 ms
 
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function:  PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:  
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function:  EsifServices::primitiveExecuteSetAsUInt32
Message:  Error returned from ESIF services interface function call
Participant:  TCPU [0]
Domain:  CPU [1]
ESIF Primitive:  SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_ACPI_EVAL_FAILURE [1105]
 
 
Policy:  Passive Policy [1]
 
Error: (07/29/2018 03:04:14 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Object reference not set to an instance of an object.
 
Error: (07/28/2018 12:31:44 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {c41611f7-26c0-4e2b-9343-be5a57008a9f}
 
Error: (07/28/2018 12:11:17 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (1852,G,0) Terminating process due to non-recoverable failure: PV: 10.0.17134.0 SV: 10.0.17134.0 GLE: 0 ERR: 0(:0): dllentry.cxx(108) (ESENT[10.0.17134.0] RETAIL RTM MBCS). Tag: EnforceTag:InitdEseInstancesOnDllUnload.
 
Error: (07/27/2018 09:50:14 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 7500 ms
 
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function:  PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:  
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function:  EsifServices::primitiveExecuteSetAsUInt32
Message:  Error returned from ESIF services interface function call
Participant:  TCPU [2]
Domain:  CPU [1]
ESIF Primitive:  SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_ACPI_EVAL_FAILURE [1105]
 
 
Policy:  Passive Policy [1]
 
Error: (07/27/2018 09:50:14 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 7466 ms
 
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function:  PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:  
DPTF Build Version:  8.3.10207.5567
DPTF Build Date:  Nov  2 2017 14:28:00
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function:  EsifServices::primitiveExecuteSetAsUInt32
Message:  Error returned from ESIF services interface function call
Participant:  TCPU [2]
Domain:  CPU [1]
ESIF Primitive:  SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_ACPI_EVAL_FAILURE [1105]
 
 
Policy:  Passive Policy [1]
 
Error: (07/27/2018 09:49:41 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (1788,G,0) Terminating process due to non-recoverable failure: PV: 10.0.17134.0 SV: 10.0.17134.0 GLE: 0 ERR: 2100(logshadow.cxx:140): dllentry.cxx(108) (ESENT[10.0.17134.0] RETAIL RTM MBCS). Tag: EnforceTag:InitdEseInstancesOnDllUnload.
 
 
System errors:
=============
Error: (07/29/2018 04:21:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NRSBEVV)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-NRSBEVV\shawn SID (S-1-5-21-2601882220-278460563-2001962017-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:54:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NRSBEVV)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-NRSBEVV\shawn SID (S-1-5-21-2601882220-278460563-2001962017-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:21:42 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NRSBEVV)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-NRSBEVV\shawn SID (S-1-5-21-2601882220-278460563-2001962017-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:14:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:07:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:05:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NRSBEVV)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-NRSBEVV\shawn SID (S-1-5-21-2601882220-278460563-2001962017-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:04:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NRSBEVV)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-NRSBEVV\shawn SID (S-1-5-21-2601882220-278460563-2001962017-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/29/2018 03:04:18 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NRSBEVV)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 and APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 to the user DESKTOP-NRSBEVV\shawn SID (S-1-5-21-2601882220-278460563-2001962017-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-07-27 22:27:49.324
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7962F8B9-66F4-42C8-8A2E-7D456520CA6D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-07-26 14:37:14.524
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6CED8983-06F7-41B3-A512-03DE896FFC44}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-07-25 19:24:21.595
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3C2CD3F3-94D6-41E0-A5DE-C238B826DFDE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-07-24 18:06:34.813
Description: 
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070002
Error description: The system cannot find the file specified. 
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0
 
Date: 2018-07-24 18:05:45.047
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80508023
Error description: The program could not find the malware and other potentially unwanted software on this device. 
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 30%
Total physical RAM: 16250.14 MB
Available physical RAM: 11315.5 MB
Total Virtual: 19194.14 MB
Available Virtual: 14062.33 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:429.47 GB) (Free:279.79 GB) NTFS
Drive d: (Elements) (Fixed) (Total:1862.98 GB) (Free:980.96 GB) NTFS
 
\\?\Volume{7fdfff10-20a6-01d4-88fb-66355310ea00}\ () (Fixed) (Total:1.28 GB) (Free:0.89 GB) NTFS
\\?\Volume{00290d59-12c0-6b8e-a6e0-dc37b21a5200}\ (Image) (Fixed) (Total:30.3 GB) (Free:29.73 GB) NTFS
\\?\Volume{7dd77970-20a6-01d4-b8b0-03365310ea00}\ (DELLSUPPORT) (Fixed) (Total:3.19 GB) (Free:3.17 GB) NTFS
\\?\Volume{b78e8af0-20a2-01d4-7845-c75b5110ea00}\ (ESP) (Fixed) (Total:1.39 GB) (Free:1.36 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 5B6F1358)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 16F2A91F)
 
Partition: GPT.
 

==================== End of Addition.txt ============================ 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Ran by shawn (administrator) on DESKTOP-NRSBEVV (29-07-2018 16:45:34)
Running from C:\Users\shawn\Desktop
Loaded Profiles: shawn (Available Profiles: shawn)
Platform: Windows 10 Home Version 1803 17134.191 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHDCPSvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(DELL) C:\Config.Msi\14e4bf.rbf
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18061.13911.0_x64__8wekyb3d8bbwe\Video.UI.exe
(IPVanish) C:\Program Files\IPVanish VPN\IPVanish.VpnClient.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(The OpenVPN Project) C:\Program Files\IPVanish VPN\OpenVPN\ipvanish.openvpn.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9080848 2016-11-22] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [940976 2016-11-19] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-27] (Intel Corporation)
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-2601882220-278460563-2001962017-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3205408 2018-07-24] (Valve Corporation)
HKU\S-1-5-21-2601882220-278460563-2001962017-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8898480 2018-07-02] (SUPERAntiSpyware)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{22833798-3431-4f07-bc79-de70686d4090}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{22833798-3431-4f07-bc79-de70686d4090}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ab0ef7fc-4d2b-41e4-bf89-88735ba13f9b}: [DhcpNameServer] 198.18.0.1 198.18.0.2
 
Internet Explorer:
==================
HKU\S-1-5-21-2601882220-278460563-2001962017-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
 
FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-23] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2601882220-278460563-2001962017-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2601882220-278460563-2001962017-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
FF Plugin HKU\S-1-5-21-2601882220-278460563-2001962017-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File]
 
Chrome: 
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default [2018-07-29]
CHR Extension: (Docs) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-23]
CHR Extension: (Google Drive) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-23]
CHR Extension: (YouTube) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-23]
CHR Extension: (AdBlock) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (HTML5 Storage Manager All in One) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\giompennnhheakjcnobejbnjgbbkmdnd [2018-07-24]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-07-27]
CHR Extension: (Post to Tumblr) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkpjkniknhaojcebeaallaglkmhlcno [2018-07-28]
CHR Extension: (Disable WebGL) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlapleiepodflfbclacdhmbldadobpah [2018-07-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-23]
CHR Extension: (WebRTC Network Limiter) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\npeicpdbkakmehahjeeohfdhnlpdklia [2018-07-24]
CHR Extension: (Gmail) - C:\Users\shawn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-23]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-07-25] (PC-Doctor, Inc.)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-11-27] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [190208 2016-11-16] (Intel Corporation)
S2 MicronCacheMonitor; C:\Program Files\Crucial\Crucial Storage Executive\cache\MicronCacheMonitor.exe [689152 2016-07-26] (Micron Technology, Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [329736 2016-11-22] (Realtek Semiconductor)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [410032 2016-11-19] (Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-07-21] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-07-21] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [63496 2017-01-12] (Intel Corporation)
R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-09] (Intel)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [356608 2016-11-16] (Intel Corporation)
R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-18] (Intel)
R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-17] (Intel)
R0 mticache; C:\Windows\System32\Drivers\mticache.sys [61512 2015-07-13] (Micron Technology, Inc.) [File not signed]
R1 mtihint; C:\Windows\system32\Drivers\mtihint.sys [18504 2015-07-13] (Micron Technology, Inc.) [File not signed]
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3149824 2016-11-14] (Realtek Semiconductor Corp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [40008 2015-06-25] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46592 2018-07-21] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [340008 2018-07-21] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59944 2018-07-21] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\shawn\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-29 16:45 - 2018-07-29 16:45 - 002412544 _____ (Farbar) C:\Users\shawn\Desktop\FRST64.exe
2018-07-29 16:45 - 2018-07-29 16:45 - 000016502 _____ C:\Users\shawn\Desktop\FRST.txt
2018-07-29 15:40 - 2018-07-29 16:17 - 000000000 ____D C:\SUPERDelete
2018-07-29 15:26 - 2017-12-08 17:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-07-29 15:26 - 2017-12-08 17:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-07-29 15:26 - 2017-12-08 17:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-07-29 15:26 - 2017-12-08 17:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-07-29 15:13 - 2018-07-29 15:13 - 000003782 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 596dd88c-e4bf-410d-9102-303d12830101
2018-07-29 15:13 - 2018-07-29 15:13 - 000003700 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 37dea2c7-b66d-44cc-956a-4b582018e36d
2018-07-29 15:13 - 2018-07-29 15:13 - 000000542 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 596dd88c-e4bf-410d-9102-303d12830101.job
2018-07-29 15:13 - 2018-07-29 15:13 - 000000542 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 37dea2c7-b66d-44cc-956a-4b582018e36d.job
2018-07-28 00:14 - 2018-07-29 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-07-28 00:14 - 2018-07-28 00:14 - 000001867 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2018-07-28 00:14 - 2018-07-28 00:14 - 000000000 ____D C:\Users\shawn\AppData\Roaming\SUPERAntiSpyware.com
2018-07-28 00:14 - 2018-07-28 00:14 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2018-07-28 00:14 - 2018-07-28 00:14 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-07-27 23:38 - 2018-07-27 23:38 - 034693240 _____ (SUPERAntiSpyware) C:\Users\shawn\Desktop\SUPERAntiSpyware.exe
2018-07-27 23:32 - 2018-07-27 23:35 - 000000084 _____ C:\Windows\system32\0
2018-07-27 21:39 - 2018-07-27 21:39 - 000000207 _____ C:\Windows\tweaking.com-regbackup-DESKTOP-NRSBEVV-Windows-10-Home-(64-bit).dat
2018-07-27 21:39 - 2018-07-27 21:39 - 000000000 ____D C:\RegBackup
2018-07-27 21:38 - 2018-07-28 00:04 - 000027747 _____ C:\Windows\Tweaking.com - Simple System Tweaker Setup Log.txt
2018-07-27 21:38 - 2018-07-27 21:38 - 000002381 _____ C:\Users\Public\Desktop\Tweaking.com - Simple System Tweaker.lnk
2018-07-27 21:36 - 2018-07-27 21:36 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-07-27 21:36 - 2018-07-27 21:36 - 000000000 ____D C:\Program Files\MSBuild
2018-07-27 21:36 - 2018-07-27 21:36 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-07-27 21:36 - 2018-07-27 21:36 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-07-27 21:36 - 2018-03-05 16:07 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2018-07-27 21:36 - 2018-03-05 16:07 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-07-27 21:36 - 2018-03-05 16:07 - 000035456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-07-27 21:36 - 2018-02-14 16:21 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2018-07-27 21:36 - 2018-02-14 16:21 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-07-27 21:36 - 2018-02-14 16:21 - 000035456 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-07-27 20:43 - 2018-07-27 20:43 - 000251096 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-27 20:36 - 2018-07-27 20:36 - 000001093 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-07-27 20:36 - 2018-07-27 20:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-07-27 20:36 - 2018-07-27 20:36 - 000000000 ____D C:\Program Files\VS Revo Group
2018-07-27 20:33 - 2018-07-29 16:43 - 000000000 ____D C:\Users\shawn\Downloads\Security
2018-07-27 09:49 - 2018-07-27 09:49 - 007197480 _____ (VS Revo Group ) C:\Users\shawn\Downloads\revosetup.exe
2018-07-27 09:39 - 2018-07-27 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2018-07-27 09:39 - 2018-07-27 21:38 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2018-07-27 09:39 - 2018-07-27 09:39 - 000194332 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2018-07-27 09:39 - 2018-07-27 09:39 - 000002258 _____ C:\Users\shawn\Desktop\Tweaking.com - Windows Repair.lnk
2018-07-27 09:29 - 2018-07-27 09:35 - 000000000 ____D C:\ProgramData\UCheck
2018-07-27 09:29 - 2018-07-27 09:29 - 000000839 _____ C:\Users\Public\Desktop\UCheck.lnk
2018-07-27 09:29 - 2018-07-27 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2018-07-27 09:29 - 2018-07-27 09:29 - 000000000 ____D C:\Program Files\UCheck
2018-07-25 19:28 - 2018-07-25 19:28 - 000000037 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-07-25 18:59 - 2018-07-28 00:34 - 000000000 ____D C:\ProgramData\RivetNetworks
2018-07-25 18:56 - 2018-07-25 18:56 - 000017318 _____ C:\Windows\system32\results.xml
2018-07-25 18:45 - 2018-07-25 18:59 - 000000000 ____D C:\ProgramData\dell
2018-07-25 18:45 - 2018-07-25 18:45 - 000814996 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-07-25 18:45 - 2018-07-25 18:45 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-07-25 18:45 - 2018-07-25 18:45 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Intel Corporation
2018-07-25 18:45 - 2018-07-25 18:45 - 000000000 ____D C:\ProgramData\Intel
2018-07-25 18:43 - 2018-07-25 18:58 - 000000000 ____D C:\ProgramData\PCDr
2018-07-25 18:43 - 2018-07-25 18:43 - 000002261 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-07-25 18:43 - 2018-07-25 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-07-25 18:41 - 2018-07-25 18:43 - 000000000 ____D C:\Program Files\Dell
2018-07-25 18:41 - 2018-07-25 18:41 - 000003916 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-07-25 18:41 - 2018-07-25 18:41 - 000000000 ____D C:\ProgramData\SupportAssist
2018-07-25 18:41 - 2018-07-25 18:41 - 000000000 ____D C:\ProgramData\Dell Inc
2018-07-25 18:07 - 2018-07-25 18:07 - 000001062 _____ C:\Users\shawn\Desktop\Change screen saver - Shortcut.lnk
2018-07-25 18:05 - 2018-07-25 18:05 - 000000000 ____D C:\Users\shawn\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
2018-07-25 11:49 - 2018-07-27 21:07 - 000000000 ____D C:\Users\shawn\AppData\Local\Deployment
2018-07-25 11:49 - 2018-07-25 11:49 - 000000000 ____D C:\ProgramData\Etwok Software
2018-07-25 11:36 - 2018-07-25 11:36 - 000322642 _____ (dnsleaktest.com ) C:\Users\shawn\Downloads\dnsfixsetup.exe
2018-07-25 11:13 - 2018-07-25 11:23 - 000008566 _____ C:\Users\shawn\Documents\Duplicate Cleaner log.txt
2018-07-25 11:08 - 2018-07-28 00:36 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Ashisoft
2018-07-25 10:23 - 2018-07-25 10:23 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Tracker Software
2018-07-25 10:21 - 2018-07-27 20:58 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-25 10:14 - 2018-07-25 10:14 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Apowersoft
2018-07-24 19:41 - 2018-07-24 19:41 - 000003682 _____ C:\Windows\System32\Tasks\IPVanish.VpnClient
2018-07-24 19:37 - 2018-07-14 19:58 - 000094112 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-07-24 19:37 - 2018-07-14 19:56 - 001523240 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-07-24 19:37 - 2018-07-14 19:44 - 006587392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-07-24 19:37 - 2018-07-14 19:44 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2018-07-24 19:37 - 2018-07-14 19:43 - 012710400 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-24 19:37 - 2018-07-14 19:42 - 008624128 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-07-24 19:37 - 2018-07-14 19:42 - 004708864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2018-07-24 19:37 - 2018-07-14 19:41 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2018-07-24 19:37 - 2018-07-14 19:41 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2018-07-24 19:37 - 2018-07-14 19:39 - 001787392 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2018-07-24 19:37 - 2018-07-14 19:39 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-07-24 19:37 - 2018-07-14 19:38 - 003652608 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-07-24 19:37 - 2018-07-14 19:38 - 002051584 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2018-07-24 19:37 - 2018-07-14 19:38 - 001364992 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2018-07-24 19:37 - 2018-07-14 19:38 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-07-24 19:37 - 2018-07-14 19:38 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2018-07-24 19:37 - 2018-07-14 19:38 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2018-07-24 19:37 - 2018-07-14 19:38 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-07-24 19:37 - 2018-07-14 19:36 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2018-07-24 19:37 - 2018-07-14 18:28 - 001327424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2018-07-24 19:37 - 2018-07-14 18:18 - 005657600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2018-07-24 19:37 - 2018-07-14 18:17 - 011901440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-24 19:37 - 2018-07-14 18:15 - 007987712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-07-24 19:37 - 2018-07-14 18:14 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2018-07-24 19:37 - 2018-07-14 18:13 - 002895360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-07-24 19:37 - 2018-07-14 18:13 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2018-07-24 19:37 - 2018-07-14 18:13 - 001308160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2018-07-24 19:37 - 2018-07-14 18:13 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2018-07-24 19:37 - 2018-07-14 18:13 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2018-07-24 19:37 - 2018-07-14 18:13 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-07-24 19:37 - 2018-07-14 18:11 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2018-07-24 19:37 - 2018-07-14 01:46 - 023862784 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2018-07-24 19:37 - 2018-07-14 01:42 - 019525632 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2018-07-24 19:37 - 2018-07-13 23:37 - 000375712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-07-24 19:37 - 2018-07-13 23:37 - 000230304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2018-07-24 19:37 - 2018-07-13 23:30 - 000272288 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave.dll
2018-07-24 19:37 - 2018-07-13 23:24 - 001174432 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-07-24 19:37 - 2018-07-13 23:23 - 001034624 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-07-24 19:37 - 2018-07-13 23:23 - 000760888 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2018-07-24 19:37 - 2018-07-13 23:23 - 000269224 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2018-07-24 19:37 - 2018-07-13 23:22 - 006813744 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2018-07-24 19:37 - 2018-07-13 23:22 - 001144664 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2018-07-24 19:37 - 2018-07-13 23:22 - 000510392 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2018-07-24 19:37 - 2018-07-13 23:22 - 000203560 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2018-07-24 19:37 - 2018-07-13 23:21 - 001063328 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2018-07-24 19:37 - 2018-07-13 23:21 - 001012640 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-07-24 19:37 - 2018-07-13 23:21 - 000722824 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-07-24 19:37 - 2018-07-13 23:21 - 000192920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-07-24 19:37 - 2018-07-13 23:20 - 001457128 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-24 19:37 - 2018-07-13 23:20 - 000567176 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2018-07-24 19:37 - 2018-07-13 23:20 - 000184472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2018-07-24 19:37 - 2018-07-13 23:20 - 000134552 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2018-07-24 19:37 - 2018-07-13 23:19 - 009147808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-24 19:37 - 2018-07-13 23:19 - 002535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2018-07-24 19:37 - 2018-07-13 23:19 - 001946752 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-07-24 19:37 - 2018-07-13 23:19 - 001258280 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-24 19:37 - 2018-07-13 23:19 - 000981920 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2018-07-24 19:37 - 2018-07-13 23:19 - 000713368 _____ (Microsoft Corporation) C:\Windows\system32\MSVideoDSP.dll
2018-07-24 19:37 - 2018-07-13 23:19 - 000636944 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-07-24 19:37 - 2018-07-13 23:19 - 000483024 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 007436112 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 002563984 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 002371416 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 001097648 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 001017584 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 000930712 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2018-07-24 19:37 - 2018-07-13 23:18 - 000613176 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 000443216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2018-07-24 19:37 - 2018-07-13 23:18 - 000376216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2018-07-24 19:37 - 2018-07-13 23:17 - 006527056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2018-07-24 19:37 - 2018-07-13 23:17 - 002420632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-07-24 19:37 - 2018-07-13 23:17 - 001140568 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-07-24 19:37 - 2018-07-13 23:17 - 000983008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-07-24 19:37 - 2018-07-13 23:17 - 000885848 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-07-24 19:37 - 2018-07-13 23:17 - 000743320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2018-07-24 19:37 - 2018-07-13 23:16 - 002331576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2018-07-24 19:37 - 2018-07-13 23:16 - 001143096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2018-07-24 19:37 - 2018-07-13 23:16 - 000506728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2018-07-24 19:37 - 2018-07-13 23:15 - 006044112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-07-24 19:37 - 2018-07-13 23:15 - 001559368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2018-07-24 19:37 - 2018-07-13 23:15 - 001174552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-24 19:37 - 2018-07-13 23:15 - 001129640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2018-07-24 19:37 - 2018-07-13 23:15 - 000829856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2018-07-24 19:37 - 2018-07-13 23:15 - 000581696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2018-07-24 19:37 - 2018-07-13 23:15 - 000567144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2018-07-24 19:37 - 2018-07-13 23:08 - 022006784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-07-24 19:37 - 2018-07-13 23:03 - 019404288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-24 19:37 - 2018-07-13 23:03 - 006661120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-07-24 19:37 - 2018-07-13 23:01 - 025846784 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-07-24 19:37 - 2018-07-13 23:01 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2018-07-24 19:37 - 2018-07-13 23:00 - 022714368 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-24 19:37 - 2018-07-13 22:59 - 009084928 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-07-24 19:37 - 2018-07-13 22:59 - 005883392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2018-07-24 19:37 - 2018-07-13 22:59 - 003553280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2018-07-24 19:37 - 2018-07-13 22:58 - 008188416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-07-24 19:37 - 2018-07-13 22:58 - 004371456 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2018-07-24 19:37 - 2018-07-13 22:58 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll
2018-07-24 19:37 - 2018-07-13 22:58 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2018-07-24 19:37 - 2018-07-13 22:58 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 007057920 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 005779456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 004331008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-07-24 19:37 - 2018-07-13 22:57 - 000391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 004559872 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 002900992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 002697216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Controls.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 001703936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 001558016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 000257536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 000118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2018-07-24 19:37 - 2018-07-13 22:56 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgr.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 003392512 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 001124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2018-07-24 19:37 - 2018-07-13 22:55 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000317440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-07-24 19:37 - 2018-07-13 22:55 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreCommonProxyStub.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2018-07-24 19:37 - 2018-07-13 22:55 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2018-07-24 19:37 - 2018-07-13 22:55 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 007579648 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 003319808 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 002825728 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 001627136 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 001537024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 001307648 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000999936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000808448 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2018-07-24 19:37 - 2018-07-13 22:54 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\PushToInstall.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2018-07-24 19:37 - 2018-07-13 22:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\EasPolicyManagerBrokerPS.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 004770816 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 003381248 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 002368512 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 001931776 _____ (Microsoft Corporation) C:\Windows\system32\edgeangle.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 001825792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 001668096 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000898560 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000894464 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000681984 _____ (Microsoft Corporation) C:\Windows\system32\WFDSConMgrSvc.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000450560 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreCommonProxyStub.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2018-07-24 19:37 - 2018-07-13 22:53 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 002172928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 001708544 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 001550848 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 000972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 000755712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 000506880 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2018-07-24 19:37 - 2018-07-13 22:52 - 000311296 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 003376640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 002904576 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 001804288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 001747968 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 001395712 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 001304064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2018-07-24 19:37 - 2018-07-13 22:51 - 000466432 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 002236928 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-07-24 19:37 - 2018-07-13 22:50 - 001773056 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 001457664 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 000943616 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 000884224 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2018-07-24 19:37 - 2018-07-13 22:50 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-07-24 19:37 - 2018-07-13 22:49 - 001069568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2018-07-24 19:37 - 2018-07-13 22:49 - 000884736 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2018-07-24 19:37 - 2018-07-13 21:35 - 000001310 _____ C:\Windows\system32\tcbres.wim
2018-07-24 19:10 - 2018-07-24 19:10 - 000000000 ____D C:\Program Files\TAP-Windows
2018-07-24 19:09 - 2018-07-24 19:09 - 000256240 _____ C:\Users\shawn\Downloads\tap-windows-9.21.2.exe
2018-07-24 18:55 - 2018-07-29 15:04 - 000000000 ____D C:\Program Files\IPVanish VPN
2018-07-24 18:55 - 2018-07-24 18:55 - 012333208 _____ (IPVanish) C:\Users\shawn\Downloads\ipvanish-setup.exe
2018-07-24 18:55 - 2018-07-24 18:55 - 000001104 _____ C:\Users\Public\Desktop\IPVanish.lnk
2018-07-24 18:55 - 2018-07-24 18:55 - 000000000 ____D C:\Users\shawn\AppData\Roaming\IPVanish
2018-07-24 18:55 - 2018-07-24 18:55 - 000000000 ____D C:\Users\shawn\AppData\Local\IsolatedStorage
2018-07-24 18:55 - 2018-07-24 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2018-07-24 18:55 - 2018-07-24 18:55 - 000000000 ____D C:\ProgramData\Caphyon
2018-07-24 18:54 - 2018-07-24 18:54 - 000403243 _____ C:\Users\shawn\Documents\configs.zip
2018-07-24 18:00 - 2018-07-24 18:06 - 000000000 ____D C:\Users\shawn\AppData\Local\AVAST Software
2018-07-24 18:00 - 2018-07-24 18:00 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-07-24 17:59 - 2018-07-24 17:59 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-07-24 17:58 - 2018-07-24 18:06 - 000000000 ____D C:\ProgramData\AVAST Software
2018-07-24 17:57 - 2018-07-27 20:43 - 000000000 ____D C:\Program Files\PDFCreator
2018-07-24 17:55 - 2018-07-25 10:34 - 000291345 _____ C:\Users\shawn\Documents\2018-19health_form.pdf
2018-07-24 17:39 - 2018-07-24 17:39 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Google
2018-07-24 12:05 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2018-07-24 12:05 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2018-07-24 12:05 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-07-24 12:05 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-07-24 12:05 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2018-07-24 12:05 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-07-24 12:05 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2018-07-24 12:05 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2018-07-24 12:05 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-07-24 12:05 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-07-24 12:05 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-07-24 12:05 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-07-24 12:05 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-07-24 12:05 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-07-24 12:05 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-07-24 12:05 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-07-24 12:05 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-07-24 12:05 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-07-24 12:05 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-07-24 12:05 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-07-24 12:05 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-07-24 12:05 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-07-24 12:05 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-07-24 12:05 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-07-24 12:05 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-07-24 12:05 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-07-24 12:05 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-07-24 12:05 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-07-24 12:05 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-07-24 12:05 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-07-24 12:05 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-07-24 12:05 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-07-24 12:05 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-07-24 12:05 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-07-24 12:05 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-07-24 12:05 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-07-24 12:05 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-07-24 12:05 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-07-24 12:05 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-07-24 12:05 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-07-24 12:05 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-07-24 12:05 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-07-24 12:05 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-07-24 12:05 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-07-24 12:05 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-07-24 12:05 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-07-24 12:05 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-07-24 12:05 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-07-24 12:05 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-07-24 12:05 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-07-24 12:05 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-07-24 12:05 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-07-24 12:05 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-07-24 12:05 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-07-24 12:05 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-07-24 12:05 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-07-24 12:05 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-07-24 12:05 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-07-24 12:05 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-07-24 12:05 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-07-24 12:05 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-07-24 12:05 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-07-24 12:05 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-07-24 12:05 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-07-24 12:05 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-07-24 12:05 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-07-24 12:05 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-07-24 12:05 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-07-24 12:05 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-07-24 12:05 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-07-24 12:05 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-07-24 12:05 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-07-24 12:05 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-07-24 12:05 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-07-24 12:05 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-07-24 12:04 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-07-24 12:04 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-07-24 12:04 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-07-24 12:04 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-07-24 12:04 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-07-24 12:04 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-07-24 12:04 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-07-24 12:04 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-07-24 12:04 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-07-24 12:04 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-07-24 12:04 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-07-24 12:04 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-07-24 12:04 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-07-24 12:04 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-07-24 12:04 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-07-24 12:04 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-07-24 12:04 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-07-24 12:04 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-07-24 12:04 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-07-24 12:04 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-07-24 12:04 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-07-24 12:04 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-07-24 12:04 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-07-24 12:04 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-07-24 12:04 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-07-24 12:04 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2018-07-24 12:04 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2018-07-24 12:04 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-07-24 12:04 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-07-24 12:04 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-07-24 12:04 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-07-24 12:04 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-07-24 12:04 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-07-24 12:04 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-07-24 12:04 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-07-24 12:04 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-07-24 12:04 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-07-24 12:04 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-07-24 12:04 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-07-24 12:04 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-07-24 12:04 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-07-24 12:04 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-07-24 12:04 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-07-24 12:04 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-07-24 12:04 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-07-24 12:04 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-07-24 12:04 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-07-24 12:04 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-07-24 12:04 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-07-24 12:04 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-07-24 12:04 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-07-24 12:04 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-07-24 12:04 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-07-24 12:04 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-07-24 12:04 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-07-24 12:04 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-07-24 12:04 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-07-24 12:04 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-07-24 12:04 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2018-07-24 12:04 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-07-24 12:04 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-07-24 12:04 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-07-24 12:04 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-07-24 12:04 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-07-24 12:04 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-07-24 12:04 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-07-24 12:04 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-07-24 12:04 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-07-24 12:04 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-07-24 12:04 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-07-24 12:04 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-07-24 12:04 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-07-24 12:04 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-07-24 12:04 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-07-24 12:04 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-07-23 22:41 - 2018-07-23 22:41 - 000110701 _____ C:\Users\shawn\Documents\DESKTOP-NRSBEVV.txt
2018-07-23 22:32 - 2018-07-23 22:34 - 000000839 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-07-23 22:32 - 2018-07-23 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-07-23 22:32 - 2018-07-23 22:32 - 000000000 ____D C:\Program Files\Speccy
2018-07-23 21:54 - 2018-07-23 21:54 - 000000222 _____ C:\Users\shawn\Desktop\BeamNG.drive.url
2018-07-23 21:43 - 2018-07-23 21:54 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-07-23 21:43 - 2018-07-23 21:43 - 000000222 _____ C:\Users\shawn\Desktop\Farming Simulator 17.url
2018-07-23 11:31 - 2018-03-25 11:02 - 018617536 ____R (Microsoft Corporation) C:\Users\shawn\Downloads\MediaCreationTool (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2018-02-05 21:33 - 084046192 ____R (NVIDIA Corporation) C:\Users\shawn\Downloads\NVIDIA_GeForce_Experience_v3.12.0.84 (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2018-02-05 21:26 - 017183648 ____R C:\Users\shawn\Downloads\Glary_Utilities_v5.92.0.114 (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2017-12-14 20:08 - 000425304 ____R (Secure By Design Inc.) C:\Users\shawn\Downloads\Ninite  (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2017-12-12 01:12 - 290604424 ____R (Duodian Technology Co. Ltd.) C:\Users\shawn\Downloads\nox_setup_v5.0.0.1_full (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2017-12-07 22:21 - 001085256 ____R (Slimware Utilities Holdings, Inc.) C:\Users\shawn\Downloads\SlimCleaner-setup (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2017-12-07 21:50 - 000251156 ____R C:\Users\shawn\Downloads\UWT4 (2018_06_28 06_42_31 UTC).zip
2018-07-23 11:31 - 2017-12-07 21:38 - 000143448 ____R C:\Users\shawn\Downloads\ipnetinfo_setup (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2017-12-07 21:27 - 000368688 ____R C:\Users\shawn\Downloads\wnetwatcher_setup (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:31 - 2017-12-07 20:08 - 003086696 ____R C:\Users\shawn\Downloads\instspeedfan452 (2018_06_28 06_42_31 UTC).exe
2018-07-23 11:12 - 2018-07-25 11:49 - 000000000 ____D C:\Users\shawn\AppData\Local\Apps\2.0
2018-07-23 11:07 - 2018-07-23 11:07 - 000000000 ____D C:\Users\shawn\Downloads\CoreTemp64 (2018_07_12 16_37_11 UTC)
2018-07-23 11:04 - 2018-07-27 09:37 - 000000000 ____D C:\AdwCleaner
2018-07-23 11:03 - 2018-07-23 11:03 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Wondershare
2018-07-23 11:03 - 2018-07-23 11:03 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2018-07-23 11:02 - 2018-07-23 11:03 - 000000000 ____D C:\Users\shawn\AppData\Local\Wondershare
2018-07-23 11:02 - 2018-07-23 11:03 - 000000000 ____D C:\ProgramData\Wondershare
2018-07-23 11:02 - 2018-07-23 11:03 - 000000000 ____D C:\ProgramData\GraphicsType
2018-07-23 11:01 - 2018-07-23 11:02 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2018-07-23 10:29 - 2018-07-23 10:29 - 000000000 ____D C:\Users\shawn\AppData\Local\Steam
2018-07-23 10:29 - 2018-07-23 10:29 - 000000000 ____D C:\Users\shawn\AppData\Local\CEF
2018-07-23 10:26 - 2018-07-24 22:50 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-23 10:26 - 2018-07-23 10:26 - 000001034 _____ C:\Users\Public\Desktop\Steam.lnk
2018-07-23 10:26 - 2018-07-23 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-07-23 10:02 - 2018-07-23 10:02 - 014389014 _____ C:\Users\shawn\Downloads\1009111L.pdf
2018-07-23 10:00 - 2018-07-23 10:00 - 006313227 _____ C:\Users\shawn\Downloads\L0606200.pdf
2018-07-23 09:59 - 2018-07-23 09:59 - 000000000 ____D C:\Users\shawn\AppData\Local\DBG
2018-07-23 09:58 - 2018-07-27 09:35 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-23 09:58 - 2018-07-27 09:35 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-23 09:58 - 2018-07-23 10:06 - 000000000 ____D C:\Users\shawn\AppData\Local\Google
2018-07-23 09:58 - 2018-07-23 09:58 - 000003418 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-23 09:58 - 2018-07-23 09:58 - 000003294 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-23 09:58 - 2018-07-23 09:58 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-21 22:59 - 2018-07-23 11:02 - 000000000 ____D C:\Users\shawn\Documents\Wondershare MediaServer
2018-07-21 22:59 - 2018-07-21 22:59 - 000000000 ____D C:\Users\shawn\Documents\Startup programs
2018-07-21 22:59 - 2018-07-21 22:59 - 000000000 ____D C:\Users\shawn\Documents\Outlook Files
2018-07-21 22:59 - 2018-07-21 22:59 - 000000000 ____D C:\Users\shawn\Documents\BeamNG.drive
2018-07-21 22:59 - 2018-07-21 22:59 - 000000000 ____D C:\Users\shawn\Documents\American Truck Simulator
2018-07-21 22:59 - 2018-07-07 00:11 - 000058932 ____R C:\Users\shawn\Documents\DESKTOP-T2UM94P (2018_07_12 16_37_11 UTC).txt
2018-07-21 22:59 - 2017-12-22 21:36 - 000002528 ____R C:\Users\shawn\Documents\Menu Settings (2018_07_12 16_37_11 UTC).xml
2018-07-21 22:59 - 2017-12-22 21:36 - 000002528 ____R C:\Users\shawn\Documents\Menu Settings (2018_06_28 06_42_31 UTC).xml
2018-07-21 22:59 - 2017-12-22 21:36 - 000002528 ____R C:\Users\shawn\Documents\Menu Settings (2018_04_18 05_44_29 UTC).xml
2018-07-21 22:59 - 2017-12-17 07:53 - 008170064 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_07_12 16_37_11 UTC).arn
2018-07-21 22:59 - 2017-12-17 07:53 - 008170064 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_06_28 06_42_31 UTC).arn
2018-07-21 22:59 - 2017-12-17 07:53 - 008170064 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_04_18 05_44_29 UTC).arn
2018-07-21 22:59 - 2017-12-16 00:11 - 318948515 ____R C:\Users\shawn\Documents\Boobies (2018_07_12 16_37_11 UTC).exe
2018-07-21 22:59 - 2017-12-15 22:47 - 196681433 ____R C:\Users\shawn\Documents\SlideShow Boobs (2018_07_12 16_37_11 UTC).exe
2018-07-21 22:59 - 2017-11-29 21:47 - 000192752 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_07_12 16_37_11 UTC).xml
2018-07-21 22:59 - 2017-11-29 21:47 - 000192752 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_06_28 06_42_31 UTC).xml
2018-07-21 22:59 - 2017-11-29 21:47 - 000192752 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_04_18 05_44_29 UTC).xml
2018-07-21 22:59 - 2017-11-29 21:46 - 000020074 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_07_12 16_37_11 UTC).speccy
2018-07-21 22:59 - 2017-11-29 21:46 - 000020074 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_06_28 06_42_31 UTC).speccy
2018-07-21 22:59 - 2017-11-29 21:46 - 000020074 ____R C:\Users\shawn\Documents\SHAWNDELL (2018_04_18 05_44_29 UTC).speccy
2018-07-21 22:58 - 2018-07-21 22:58 - 000000000 ____D C:\Users\shawn\Documents\My Games
2018-07-21 22:58 - 2018-07-21 22:58 - 000000000 ____D C:\Users\shawn\Documents\LinksysRouter
2018-07-21 22:58 - 2018-07-21 22:58 - 000000000 ____D C:\Users\shawn\Documents\JOHN DEERE STICK
2018-07-21 22:58 - 2018-07-21 22:58 - 000000000 ____D C:\Users\shawn\Documents\Healthcare
2018-07-21 22:58 - 2018-07-21 22:58 - 000000000 ____D C:\Users\shawn\Documents\Flight Simulator X Files
2018-07-21 22:53 - 2018-07-13 23:47 - 000990304 ____R C:\Users\shawn\Downloads\video-converter-ultimate_setup_full495 (2018_07_14 04_57_06 UTC).exe
2018-07-21 22:53 - 2018-07-07 00:07 - 001798176 ____R (CPUID, Inc. ) C:\Users\shawn\Downloads\cpu-z_1.85-en (2018_07_12 16_37_11 UTC).exe
2018-07-21 22:53 - 2018-07-06 11:53 - 001250832 ____R (CPUID, Inc. ) C:\Users\shawn\Downloads\hwmonitor_1.35 (2018_07_09 02_59_58 UTC).exe
2018-07-21 22:53 - 2018-01-10 23:58 - 005099176 ____R (techPowerUp (www.techpowerup.com)) C:\Users\shawn\Downloads\GPU-Z.2.5.0 (2018_06_28 06_42_31 UTC).exe
2018-07-21 22:53 - 2017-12-31 15:06 - 022707312 ____R (IPVanish) C:\Users\shawn\Downloads\ipvanish-setup (2018_06_28 06_42_31 UTC).exe
2018-07-21 22:53 - 2017-12-20 23:27 - 030658416 ____R (LastPass) C:\Users\shawn\Downloads\lastpass_x64 (2018_06_28 06_42_31 UTC).exe
2018-07-21 22:53 - 2017-11-26 00:06 - 001446792 ____R C:\Users\shawn\Downloads\SteamSetup (2018_06_28 06_42_31 UTC).exe
2018-07-21 22:40 - 2018-07-21 22:40 - 000000000 ____D C:\Windows\System32\Tasks\S-1-5-21-2601882220-278460563-2001962017-1001
2018-07-21 22:36 - 2018-07-21 22:36 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_mticache_01011.Wdf
2018-07-21 22:36 - 2015-07-13 17:00 - 000061512 _____ (Micron Technology, Inc.) C:\Windows\system32\Drivers\mticache.sys
2018-07-21 22:36 - 2015-07-13 17:00 - 000018504 _____ (Micron Technology, Inc.) C:\Windows\system32\Drivers\mtihint.sys
2018-07-21 22:23 - 2018-07-25 18:30 - 000000000 ____D C:\Users\shawn\AppData\Local\JxBrowser
2018-07-21 22:23 - 2018-07-21 22:23 - 000002166 _____ C:\Users\shawn\Desktop\Crucial Storage Executive.lnk
2018-07-21 22:23 - 2018-07-21 22:23 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crucial Storage Executive
2018-07-21 22:23 - 2018-07-21 22:23 - 000000000 ____D C:\ProgramData\Oracle
2018-07-21 22:22 - 2018-07-21 22:22 - 000000000 ____D C:\Program Files\Crucial
2018-07-21 22:21 - 2018-07-21 22:21 - 000000000 ____D C:\Users\shawn\Downloads\storage-executive-win-64
2018-07-21 22:20 - 2018-07-21 22:20 - 011547985 _____ C:\Users\shawn\Downloads\MX500_M3CR022_Update.zip
2018-07-21 21:14 - 2018-07-12 23:34 - 000709816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-07-21 21:14 - 2018-07-12 23:32 - 000170904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-07-21 21:14 - 2018-07-12 23:30 - 002718624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-21 21:14 - 2018-07-12 22:59 - 001535488 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-07-21 21:14 - 2018-07-11 05:23 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2018-07-21 21:14 - 2018-07-11 04:24 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 002868640 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-21 21:14 - 2018-07-06 09:20 - 001610648 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 000792472 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 000689560 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 000612248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 000451992 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 000309664 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-21 21:14 - 2018-07-06 09:20 - 000144792 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-21 21:14 - 2018-07-06 09:20 - 000070040 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-07-21 21:14 - 2018-07-06 09:17 - 003932672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-07-21 21:14 - 2018-07-06 09:14 - 000541592 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-07-21 21:14 - 2018-07-06 08:53 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2018-07-21 21:14 - 2018-07-06 08:53 - 000386048 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-21 21:14 - 2018-07-06 08:53 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-07-21 21:14 - 2018-07-06 08:52 - 000677376 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-07-21 21:14 - 2018-07-06 07:06 - 003611368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2018-07-21 21:14 - 2018-07-06 06:53 - 000347136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-21 21:14 - 2018-07-06 06:51 - 002401280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2018-07-21 21:14 - 2018-07-06 02:32 - 000480672 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-07-21 21:14 - 2018-07-06 02:31 - 000462752 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-21 21:14 - 2018-07-06 02:31 - 000035232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-07-21 21:14 - 2018-07-06 02:27 - 000057440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-21 21:14 - 2018-07-06 02:26 - 001148800 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2018-07-21 21:14 - 2018-07-06 02:26 - 000766608 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-21 21:14 - 2018-07-06 02:25 - 002753040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-07-21 21:14 - 2018-07-06 02:25 - 002571728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-07-21 21:14 - 2018-07-06 02:25 - 001945784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-07-21 21:14 - 2018-07-06 02:25 - 001026464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-07-21 21:14 - 2018-07-06 02:25 - 000335776 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2018-07-21 21:14 - 2018-07-06 02:25 - 000267680 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-07-21 21:14 - 2018-07-06 02:25 - 000139672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-07-21 21:14 - 2018-07-06 02:24 - 000380824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-07-21 21:14 - 2018-07-06 02:14 - 002242208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-07-21 21:14 - 2018-07-06 02:14 - 001981896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-07-21 21:14 - 2018-07-06 02:14 - 000988640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2018-07-21 21:14 - 2018-07-06 02:14 - 000573904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-21 21:14 - 2018-07-06 02:13 - 001620872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-07-21 21:14 - 2018-07-06 02:01 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2018-07-21 21:14 - 2018-07-06 02:01 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvcProxy.dll
2018-07-21 21:14 - 2018-07-06 02:00 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2018-07-21 21:14 - 2018-07-06 02:00 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2018-07-21 21:14 - 2018-07-06 02:00 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2018-07-21 21:14 - 2018-07-06 02:00 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mapstoasttask.dll
2018-07-21 21:14 - 2018-07-06 02:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\MapsTelemetry.dll
2018-07-21 21:14 - 2018-07-06 02:00 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nativemap.dll
2018-07-21 21:14 - 2018-07-06 01:59 - 001153536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2018-07-21 21:14 - 2018-07-06 01:59 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\NmaDirect.dll
2018-07-21 21:14 - 2018-07-06 01:59 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Geolocation.dll
2018-07-21 21:14 - 2018-07-06 01:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2018-07-21 21:14 - 2018-07-06 01:59 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
2018-07-21 21:14 - 2018-07-06 01:59 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 004867584 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 000670720 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Core.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Cortana.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\CredProv2faHelper.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2018-07-21 21:14 - 2018-07-06 01:58 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-21 21:14 - 2018-07-06 01:58 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
2018-07-21 21:14 - 2018-07-06 01:57 - 003712512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-21 21:14 - 2018-07-06 01:57 - 000839680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2018-07-21 21:14 - 2018-07-06 01:57 - 000676864 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Devices.dll
2018-07-21 21:14 - 2018-07-06 01:57 - 000473088 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-07-21 21:14 - 2018-07-06 01:57 - 000262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NmaDirect.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 001817600 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 001567744 _____ (Microsoft Corporation) C:\Windows\system32\SpeechPal.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000814592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000533504 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000508416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000327680 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-21 21:14 - 2018-07-06 01:56 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProv2faHelper.dll
2018-07-21 21:14 - 2018-07-06 01:55 - 003440128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-21 21:14 - 2018-07-06 01:55 - 001264640 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-07-21 21:14 - 2018-07-06 01:55 - 000415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-07-21 21:14 - 2018-07-06 01:55 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 000899072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 000542208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 000505344 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2018-07-21 21:14 - 2018-07-06 01:54 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2018-07-21 21:14 - 2018-07-06 01:53 - 000778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-07-21 21:14 - 2018-07-06 01:52 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-21 21:14 - 2018-06-15 12:55 - 000542888 _____ C:\Windows\system32\FaceProcessorCore.dll
2018-07-21 21:14 - 2018-06-15 12:53 - 000348256 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-07-21 21:14 - 2018-06-15 12:50 - 001376576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-21 21:14 - 2018-06-15 12:49 - 021388856 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-21 21:14 - 2018-06-15 12:48 - 002395056 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2018-07-21 21:14 - 2018-06-15 12:48 - 000338352 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2018-07-21 21:14 - 2018-06-15 12:34 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\DsmUserTask.exe
2018-07-21 21:14 - 2018-06-15 12:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll
2018-07-21 21:14 - 2018-06-15 12:33 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2018-07-21 21:14 - 2018-06-15 12:33 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManagerAPI.dll
2018-07-21 21:14 - 2018-06-15 12:33 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-21 21:14 - 2018-06-15 12:32 - 000301568 _____ (Microsoft Corporation) C:\Windows\system32\AcLayers.dll
2018-07-21 21:14 - 2018-06-15 12:32 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2018-07-21 21:14 - 2018-06-15 12:31 - 000907776 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2018-07-21 21:14 - 2018-06-15 12:31 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-07-21 21:14 - 2018-06-15 12:30 - 001308672 _____ C:\Windows\system32\FaceProcessor.dll
2018-07-21 21:14 - 2018-06-15 12:30 - 001254400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2018-07-21 21:14 - 2018-06-15 12:30 - 001054720 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-07-21 21:14 - 2018-06-15 12:30 - 000878592 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-07-21 21:14 - 2018-06-15 12:29 - 002084352 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-07-21 21:14 - 2018-06-15 12:29 - 000932352 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2018-07-21 21:14 - 2018-06-15 12:29 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-21 21:14 - 2018-06-15 12:29 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2018-07-21 21:14 - 2018-06-15 12:29 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2018-07-21 21:14 - 2018-06-15 12:29 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll
2018-07-21 21:14 - 2018-06-15 12:28 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2018-07-21 21:14 - 2018-06-15 12:28 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2018-07-21 21:14 - 2018-06-15 10:25 - 020383720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-21 21:14 - 2018-06-15 10:22 - 001026896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-21 21:14 - 2018-06-15 10:16 - 002206528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2018-07-21 21:14 - 2018-06-15 10:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll
2018-07-21 21:14 - 2018-06-15 10:04 - 000851968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2018-07-21 21:14 - 2018-06-15 10:04 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll
2018-07-21 21:14 - 2018-06-15 10:03 - 000831488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2018-07-21 21:14 - 2018-06-15 10:03 - 000667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-21 21:14 - 2018-06-15 10:02 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2018-07-21 21:14 - 2018-06-15 10:01 - 002015744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-07-21 21:14 - 2018-06-15 10:01 - 000228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2018-07-21 21:14 - 2018-06-15 08:23 - 000788992 _____ (Microsoft Corporation) C:\Windows\system32\DHolographicDisplay.dll
2018-07-21 21:14 - 2018-06-15 02:11 - 000611232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-07-21 21:14 - 2018-06-15 02:10 - 000048544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2018-07-21 21:14 - 2018-06-15 02:03 - 000083360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-07-21 21:14 - 2018-06-15 00:21 - 001213368 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2018-07-21 21:14 - 2018-06-15 00:19 - 000116632 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2018-07-21 21:14 - 2018-06-15 00:19 - 000093600 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2018-07-21 21:14 - 2018-06-15 00:18 - 000228768 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2018-07-21 21:14 - 2018-06-15 00:16 - 000562080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-07-21 21:14 - 2018-06-15 00:16 - 000433560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-07-21 21:14 - 2018-06-15 00:15 - 000753152 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-07-21 21:14 - 2018-06-15 00:13 - 000324000 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-07-21 21:14 - 2018-06-15 00:12 - 007519992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-07-21 21:14 - 2018-06-15 00:12 - 000661152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2018-07-21 21:14 - 2018-06-15 00:12 - 000491304 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-07-21 21:14 - 2018-06-15 00:12 - 000260896 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-07-21 21:14 - 2018-06-15 00:12 - 000118872 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2018-07-21 21:14 - 2018-06-15 00:10 - 001934400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-07-21 21:14 - 2018-06-15 00:10 - 000717208 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2018-07-21 21:14 - 2018-06-15 00:10 - 000326024 _____ (Microsoft Corporation) C:\Windows\system32\ExecModelClient.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 002830240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-07-21 21:14 - 2018-06-15 00:09 - 002546592 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 001798552 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 001742272 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 001659296 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 001209800 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 001112600 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2018-07-21 21:14 - 2018-06-15 00:09 - 000594128 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-07-21 21:14 - 2018-06-15 00:09 - 000247984 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2018-07-21 21:14 - 2018-06-15 00:08 - 004403304 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 002062488 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 001921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-07-21 21:14 - 2018-06-15 00:08 - 001784584 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 001288840 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 001150408 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 000945568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2018-07-21 21:14 - 2018-06-15 00:08 - 000898760 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 000642088 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 000604576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2018-07-21 21:14 - 2018-06-15 00:08 - 000500552 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 000413816 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-07-21 21:14 - 2018-06-15 00:08 - 000072768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2018-07-21 21:14 - 2018-06-15 00:07 - 001611584 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2018-07-21 21:14 - 2018-06-15 00:05 - 000550608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-07-21 21:14 - 2018-06-15 00:04 - 001462824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2018-07-21 21:14 - 2018-06-15 00:04 - 001397192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll
2018-07-21 21:14 - 2018-06-15 00:04 - 001251736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-21 21:14 - 2018-06-15 00:04 - 000719552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-07-21 21:14 - 2018-06-15 00:04 - 000281080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExecModelClient.dll
2018-07-21 21:14 - 2018-06-15 00:04 - 000105376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 006572000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 004788504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 002163184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 001805752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 001710240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 001380192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 001020160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 001011968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 000770152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 000472136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 000356960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2018-07-21 21:14 - 2018-06-15 00:03 - 000232488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2018-07-21 21:14 - 2018-06-15 00:03 - 000129192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-07-21 21:14 - 2018-06-14 23:49 - 002962944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2018-07-21 21:14 - 2018-06-14 23:48 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll
2018-07-21 21:14 - 2018-06-14 23:47 - 000622080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2018-07-21 21:14 - 2018-06-14 23:47 - 000515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2018-07-21 21:14 - 2018-06-14 23:47 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2018-07-21 21:14 - 2018-06-14 23:46 - 004706816 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-07-21 21:14 - 2018-06-14 23:46 - 001356800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-21 21:14 - 2018-06-14 23:46 - 000593408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2018-07-21 21:14 - 2018-06-14 23:46 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Gaming.Input.dll
2018-07-21 21:14 - 2018-06-14 23:46 - 000224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2018-07-21 21:14 - 2018-06-14 23:46 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-21 21:14 - 2018-06-14 23:45 - 002548736 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2018-07-21 21:14 - 2018-06-14 23:45 - 000871424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2018-07-21 21:14 - 2018-06-14 23:45 - 000835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-07-21 21:14 - 2018-06-14 23:45 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2018-07-21 21:14 - 2018-06-14 23:45 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-21 21:14 - 2018-06-14 23:45 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2018-07-21 21:14 - 2018-06-14 23:45 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandlerPS.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 001342976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2018-07-21 21:14 - 2018-06-14 23:44 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\updatecsp.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-07-21 21:14 - 2018-06-14 23:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 000426496 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-07-21 21:14 - 2018-06-14 23:43 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\RdpRelayTransport.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\VideoHandlers.dll
2018-07-21 21:14 - 2018-06-14 23:43 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2018-07-21 21:14 - 2018-06-14 23:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000978432 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000558592 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000431104 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000386048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Diagnostics.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000319488 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-07-21 21:14 - 2018-06-14 23:42 - 000287232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-07-21 21:14 - 2018-06-14 23:42 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-21 21:14 - 2018-06-14 23:42 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2018-07-21 21:14 - 2018-06-14 23:42 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-21 21:14 - 2018-06-14 23:42 - 000102400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 001768448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 001724928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 000953856 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2018-07-21 21:14 - 2018-06-14 23:41 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Gaming.Input.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-07-21 21:14 - 2018-06-14 23:41 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2018-07-21 21:14 - 2018-06-14 23:40 - 001487360 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2018-07-21 21:14 - 2018-06-14 23:40 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2018-07-21 21:14 - 2018-06-14 23:40 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2018-07-21 21:14 - 2018-06-14 23:40 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2018-07-21 21:14 - 2018-06-14 23:39 - 002583552 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-07-21 21:14 - 2018-06-14 23:39 - 000916992 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-07-21 21:14 - 2018-06-14 23:39 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-07-21 21:14 - 2018-06-14 23:39 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 001581568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.PointOfService.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 001305088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 001036288 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2018-07-21 21:14 - 2018-06-14 23:38 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-07-21 21:14 - 2018-06-14 23:37 - 001374208 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-07-21 21:14 - 2018-06-14 23:37 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-21 21:14 - 2018-06-14 23:36 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2018-07-21 21:14 - 2018-06-01 00:18 - 000058524 _____ C:\Windows\system32\srms.dat
2018-07-21 21:14 - 2018-05-20 06:53 - 000792984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-07-21 21:14 - 2018-05-20 06:52 - 000413080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-07-21 21:13 - 2018-07-21 21:13 - 000000000 ____D C:\Windows\Firmware
2018-07-21 21:12 - 2018-07-21 21:12 - 000000000 ____D C:\Users\shawn\AppData\Local\Comms
2018-07-21 21:12 - 2018-07-21 21:07 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-21 21:11 - 2018-07-21 21:12 - 000000000 ____D C:\Windows\system32\MRT
2018-07-21 21:11 - 2018-07-21 21:11 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-21 21:11 - 2018-03-16 02:36 - 008099202 _____ C:\Windows\system32\nvcoproc.bin
2018-07-21 21:11 - 2018-03-16 02:36 - 005952992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-07-21 21:11 - 2018-03-16 02:36 - 002595776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-07-21 21:11 - 2018-03-16 02:36 - 001768008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-07-21 21:11 - 2018-03-16 02:36 - 000633792 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-07-21 21:11 - 2018-03-16 02:36 - 000451144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-07-21 21:11 - 2018-03-16 02:36 - 000124032 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-07-21 21:11 - 2018-03-16 02:36 - 000083424 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-07-21 21:10 - 2018-07-28 01:01 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-21 21:10 - 2018-07-25 18:43 - 000000000 ____D C:\ProgramData\Packages
2018-07-21 21:10 - 2018-07-21 21:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-07-21 21:10 - 2018-07-21 21:10 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-07-21 21:10 - 2018-07-21 21:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-21 21:10 - 2018-07-21 21:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-07-21 21:10 - 2018-03-16 03:44 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-07-21 21:05 - 2018-07-29 15:26 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-07-21 21:05 - 2018-07-29 15:04 - 000000000 __SHD C:\Users\shawn\IntelGraphicsProfiles
2018-07-21 21:05 - 2018-07-25 18:48 - 000000000 ____D C:\Program Files\Intel
2018-07-21 21:05 - 2018-07-25 18:45 - 000000000 ____D C:\Program Files (x86)\Intel
2018-07-21 21:05 - 2018-07-21 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-07-21 21:05 - 2017-11-07 17:29 - 000140280 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2018-07-21 21:05 - 2017-11-07 17:29 - 000116728 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2018-07-21 21:04 - 2018-07-21 21:04 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2601882220-278460563-2001962017-1001
2018-07-21 21:03 - 2018-07-25 11:12 - 000000000 ____D C:\Users\shawn\AppData\Local\PlaceholderTileLogoFolder
2018-07-21 21:03 - 2018-07-23 11:02 - 000000000 ____D C:\Users\shawn\AppData\Local\D3DSCache
2018-07-21 21:03 - 2018-07-21 21:04 - 000000000 ___RD C:\Users\shawn\OneDrive
2018-07-21 21:03 - 2018-07-21 21:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-07-21 21:03 - 2018-07-21 21:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_esif_lf_01011.Wdf
2018-07-21 21:03 - 2018-07-21 21:03 - 000000000 ____D C:\Windows\system32\Intel
2018-07-21 21:02 - 2018-07-21 21:02 - 000001417 _____ C:\Users\shawn\Desktop\Microsoft Edge.lnk
2018-07-21 21:02 - 2018-07-21 21:02 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-07-21 21:01 - 2018-07-25 18:58 - 000000000 ____D C:\Users\shawn\AppData\Local\VirtualStore
2018-07-21 21:01 - 2018-07-25 18:43 - 000000000 ____D C:\Users\shawn\AppData\Local\Packages
2018-07-21 21:01 - 2018-07-21 21:23 - 000000000 ____D C:\Users\shawn\AppData\Local\Publishers
2018-07-21 21:01 - 2018-07-21 21:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-21 21:01 - 2018-07-21 21:18 - 000000000 ___RD C:\Users\shawn\3D Objects
2018-07-21 21:01 - 2018-07-21 21:02 - 000000000 ____D C:\Users\shawn\AppData\Local\ConnectedDevicesPlatform
2018-07-21 21:01 - 2018-07-21 21:01 - 000000000 ___HD C:\Users\shawn\MicrosoftEdgeBackups
2018-07-21 21:01 - 2018-07-21 21:01 - 000000000 ____D C:\Users\shawn\AppData\Roaming\Adobe
2018-07-21 21:01 - 2018-07-21 21:01 - 000000000 ____D C:\Users\shawn\AppData\Local\MicrosoftEdge
2018-07-21 21:00 - 2018-07-28 00:16 - 000840376 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-21 21:00 - 2018-07-21 21:00 - 000003218 _____ C:\Windows\System32\Tasks\RtHDVBg_PushButton
2018-07-21 21:00 - 2018-07-21 21:00 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2018-07-21 21:00 - 2018-07-21 21:00 - 000000000 ____D C:\Windows\system32\RTCOM
2018-07-21 21:00 - 2018-07-21 21:00 - 000000000 ____D C:\Program Files\Waves
2018-07-21 21:00 - 2018-07-21 21:00 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-07-21 20:59 - 2018-07-21 21:05 - 000000000 ____D C:\Users\shawn
2018-07-21 20:59 - 2018-07-21 21:04 - 000002365 _____ C:\Users\shawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-21 20:59 - 2018-07-21 21:00 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-07-21 20:59 - 2018-07-21 20:59 - 000103040 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
2018-07-21 20:59 - 2018-07-21 20:59 - 000000020 ___SH C:\Users\shawn\ntuser.ini
2018-07-21 20:58 - 2018-07-21 20:59 - 000000000 ____D C:\Program Files\Realtek
2018-07-21 20:57 - 2018-07-21 20:57 - 000000000 ____D C:\ProgramData\USOShared
2018-07-21 20:57 - 2018-04-11 18:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-07-21 19:43 - 2018-07-27 20:43 - 000000000 ____D C:\Windows\Panther
2018-07-21 19:39 - 2018-07-24 19:55 - 000000000 ____D C:\Windows.old.000
2018-07-21 19:09 - 2018-07-24 17:53 - 000000000 ____D C:\Windows.old
2018-07-21 18:47 - 2018-07-28 00:11 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-21 18:47 - 2018-07-27 20:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-07-21 18:47 - 2018-07-21 21:17 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-07-21 18:47 - 2018-07-21 18:47 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-07-21 18:47 - 2018-07-21 18:47 - 000000000 ____D C:\Windows\ServiceProfiles
2018-07-21 15:55 - 2018-07-21 19:09 - 000000000 ___HD C:\$SysReset
2018-07-21 11:28 - 2018-07-21 12:04 - 000000000 ____D C:\ESD
2018-07-14 00:23 - 2018-07-14 00:23 - 000000000 ___HD C:\MediaServer_Temp
2018-07-05 19:27 - 2018-07-29 16:45 - 000000000 ____D C:\FRST
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-07-29 16:32 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-28 00:19 - 2018-04-11 18:36 - 000000000 ____D C:\Windows\INF
2018-07-28 00:11 - 2018-04-11 16:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-07-27 21:37 - 2018-04-11 18:30 - 000000000 ____D C:\Windows\CbsTemp
2018-07-27 09:10 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-27 09:10 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\AppReadiness
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ___SD C:\Windows\system32\UNP
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ___SD C:\Windows\system32\F12
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ___RD C:\Windows\PrintDialog
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\TextInput
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\bcastdvr
2018-07-24 19:39 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-07-24 18:05 - 2018-04-11 16:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-07-24 17:59 - 2018-04-11 18:38 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-07-23 22:55 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-07-22 14:24 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\appcompat
2018-07-21 22:56 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\zu-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\yo-NG
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\xh-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\wo-SN
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\uz-Latn-UZ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\tn-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\ti-ET
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\tg-Cyrl-TJ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-RS
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-BA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\sd-Arab-PK
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\rw-RW
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\quc-Latn-GT
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\pa-Arab-PK
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\nso-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\ku-Arab-IQ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\ig-NG
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\ha-Latn-NG
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\chr-CHER-US
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\ca-ES-valencia
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\bs-Latn-BA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\SysWOW64\az-Latn-AZ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\zu-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\yo-NG
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\xh-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\wo-SN
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\uz-Latn-UZ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\tn-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\ti-ET
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\tg-Cyrl-TJ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\sr-Cyrl-RS
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\sr-Cyrl-BA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\sd-Arab-PK
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\rw-RW
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\quc-Latn-GT
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\pa-Arab-PK
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\nso-ZA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\ku-Arab-IQ
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\ig-NG
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\ha-Latn-NG
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\chr-CHER-US
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\ca-ES-valencia
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\bs-Latn-BA
2018-07-21 21:17 - 2018-04-12 04:19 - 000000000 ____D C:\Windows\system32\az-Latn-AZ
2018-07-21 21:17 - 2018-04-11 18:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-07-21 21:17 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-07-21 21:17 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-21 21:14 - 2018-06-27 22:34 - 000000000 ____D C:\Intel
2018-07-21 21:10 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\Help
2018-07-21 21:07 - 2018-06-27 21:27 - 000000000 ___HD C:\OneDriveTemp
2018-07-21 20:57 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\system32\spool
2018-07-21 20:57 - 2018-04-11 18:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-07-21 20:57 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-07-21 19:43 - 2018-04-11 18:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-07-21 18:47
 
==================== End of FRST.txt ============================
 
 
 


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:33 PM

Posted 30 July 2018 - 08:34 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Hi,

Your logs are clean.

Please post the report from Superantispyware.
I would like to see what we are dealing with.

#3 spoonman21

spoonman21
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:10:33 PM

Posted 30 July 2018 - 03:32 PM

Hello nasdaq,

 

Thanks for your help.  Here is the log.

 

SUPERAntiSpyware System Investigator
July 30, 2018 at 3:30:34 PM
 
Legend:
[?] = Unknown/unverified items
[T] = Trusted items
[X] = Known bad/unwanted items
[-] = Removed items
 
======================
 User Downvoted Items 
======================
 
=== Temporary Folders ===
 
[X] Objlist.exe
     [Shawn Reese] %Temp%\RarSFX0\SECURITYCHECK
 
[X] cmdinfo.exe
     [Shawn Reese] %Temp%\RarSFX0\SECURITYCHECK\Other
 
[X] nircmdc.exe
     [Shawn Reese] %Temp%\RarSFX0\SECURITYCHECK\Other
 
[X] sed.exe
     [Shawn Reese] %Temp%\RarSFX0\SECURITYCHECK\Other
 
[X] swreg.exe
     [Shawn Reese] %Temp%\RarSFX0\SECURITYCHECK\Other
 
[X] RUNPROCESSES.EXE
     [Shawn Reese] %Temp%\RarSFX0\SECURITYCHECK
 
===============
 Unknown Items 
===============
 
=== Windows User Startup ===
 
[?] IASTORICONLAUNCH.EXE
     %ProgramFiles%\Intel\INTEL® RAPID STORAGE TECHNOLOGY
 
=== Internet Browser Plugins ===
 
[?] Docs
     Google Chrome Browser Extension
 
[?] Google Drive
     Google Chrome Browser Extension
 
[?] YouTube
     Google Chrome Browser Extension
 
[?] AdBlock
     Google Chrome Browser Extension
 
[?] HTML5 Storage Manager All in One
     Google Chrome Browser Extension
 
[?] LASTPASS: FREE PASSWORD MANAGER
     Google Chrome Browser Extension
 
[?] DISABLE WEBGL
     Google Chrome Browser Extension
 
[?] Chrome Web Store Payments
     Google Chrome Browser Extension
 
[?] WebRTC Network Limiter
     Google Chrome Browser Extension
 
[?] Gmail
     Google Chrome Browser Extension
 
[?] CHROME MEDIA ROUTER
     Google Chrome Browser Extension
     This file was first seen today.
 
[?] Google Update
     Mozilla Firefox Browser Extension
 
=== Installed Applications ===
 
[?] Crucial Storage Executive
     Crucial
 
[?] Microsoft OneDrive
     Microsoft Corporation
 
[?] UCheck version 2.3.5.0
     Adlice Software
 
[?] Speccy
     Piriform
 
[?] BeamNG.drive
     BeamNG
 
[?] Farming Simulator 17
     Giants Software
 
[?] TAP-Windows 9.21.2
     TAP-Windows 9.21.2
 
[?] Vulkan Run Time Libraries 1.0.54.1
     Intel Corporation Inc.
 
[?] Vulkan Run Time Libraries 1.0.65.1
     LunarG, Inc.
 
[?] Maxx Audio Installer (x64)
     Waves Audio Ltd.
 
[?] Intel® Rapid Storage Technology
     Intel Corporation
 
[?] Dell SupportAssist
     Dell Inc.
 
[?] Intel® Chipset Device Software
     Intel Corporation
 
[?] Intel® Rapid Storage Technology
     Intel Corporation
 
[?] Intel® Serial IO
     Intel Corporation
 
[?] Revo Uninstaller 2.0.5
     VS Revo Group, Ltd.
 
[?] NVIDIA Graphics Driver 391.25
     NVIDIA Corporation
 
[?] SUPERAntiSpyware
     SUPERAntiSpyware.com
 
[?] IPVanish
     IPVanish
 
[?] Intel® Serial IO
     Intel Corporation
 
[?] Google Chrome
     Google Inc.
 
[?] IPVanish
     IPVanish
 
[?] Steam
     Valve Corporation
 
[?] Tweaking.com - Simple System Tweaker
     Tweaking.com
 
[?] Tweaking.com - Windows Repair
     Tweaking.com
 
[?] Google Update Helper
     Google Inc.
 
[?] Intel® Dynamic Platform and Thermal Framework
     Intel Corporation
 
[?] Intel® Chipset Device Software
     Intel® Corporation
 
[?] Realtek PC Camera Driver
     Realtek Semiconductor Corp.
 
[?] Intel® Processor Graphics
     Intel Corporation
 
[?] Realtek High Definition Audio Driver
     Realtek Semiconductor Corp.
 
=== Services & Drivers ===
 
[?] INTELCPHECISVC.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] INTELCPHDCPSVC.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] iaStorA.sys
     %System%\drivers
 
[?] IASTORDATAMGRSVC.EXE
     %ProgramFiles%\Intel\INTEL® RAPID STORAGE TECHNOLOGY
 
[?] IGFXCUISERVICE.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] MICRONCACHEMONITOR.EXE
     %ProgramFiles%\Crucial\CRUCIAL STORAGE EXECUTIVE\cache
 
=== Classes (CLSIDs) ===
 
[?] IGFXCUISERVICE.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] igfxSDK.exe
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] igfxext.exe
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] msdbg2.dll
     %System%\F12
 
=== Desktop, Start & Taskbar ===
 
[?] FRST64.exe
     [Shawn Reese] %Desktop%
     This file was first seen today.
 
[?] REPAIR_WINDOWS.EXE
     [32-bit] %ProgramFiles%\Tweaking.com\WINDOWS REPAIR (ALL IN ONE)
 
[?] IPVANISH.VPNCLIENT.EXE
     %ProgramFiles%\IPVANISH VPN
 
[?] SIMPLE_SYSTEM_TWEAKER.EXE
     [32-bit] %ProgramFiles%\Tweaking.com\SIMPLE SYSTEM TWEAKER
 
[?] CORE TEMP.EXE
     [Shawn Reese] %Profile%\DOWNLOADS\CORETEMP64 (2018_07_12 16_37_11 UTC)
 
[?] UNINSTALLSTORAGEEXECUTIVE.EXE
     %ProgramFiles%\Crucial\CRUCIAL STORAGE EXECUTIVE
 
=== Application Data Folders ===
 
[?] IPVANISH-3.1.3.0.EXE
     %ProgramData%\Caphyon\ADVANCED INSTALLER\{F37899FA-64B1-4F74-885C-CF177117777B}
 
[?] SETUPCHIPSET.EXE
     %ProgramData%\dell\drivers\4D8639FE-C3B4-4F0D-AFFE-D379ECF43762
 
[?] Setup.exe
     %ProgramData%\Intel\PACKAGE CACHE\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}
 
[?] SETUPCHIPSET.EXE
     %ProgramData%\PACKAGE CACHE\{BB0592A7-5772-4736-9D55-2402740085DB}
 
=== Windows Task Scheduler ===
 
[?] IPVANISH.VPNCLIENT.EXE
     %ProgramFiles%\IPVANISH VPN
 
=== Running Processes ===
 
[?] IGFXCUISERVICE.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] INTELWIFIIHV04.DLL
     %System%
 
[?] INTELCPHDCPSVC.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] INTELCPHECISVC.EXE
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] MSCORLIB.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V2.0.50727_64\mscorlib\077CF2BD55145D691314F0889D7A1997
 
[?] SYSTEM.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V2.0.50727_64\System\1201F26CB986C93F55044BB4FA22B294
 
[?] SYSTEM.SERVICEPROCESS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V2.0.50727_64\SYSTEM.SERVICEPROCE#\5E91B88AC0255894C4E0248B14FC4649
 
[?] WINDOWSBASE.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V2.0.50727_64\WINDOWSBASE\AF34FA807530F3F8FCA73730B8603206
 
[?] PRESENTATIONCORE.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V2.0.50727_64\PRESENTATIONCORE\60405837528F8B4ADFD4FE40E85D52D2
 
[?] SYSTEM.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\System\965E909FD683F35ACAB1D1C986AC3E54
 
[?] SYSTEM.SERVICEPROCESS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.SERV759BFB78#\5FE47A3EC5ABF26EC2D7A05BC858EFD5
 
[?] SYSTEM.CORE.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.CORE\5A948A42691C283A23CB2B20B67C834C
 
[?] SYSTEM.CONFIGURATION.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.CONFIGURATION\31F11B9C19DCE6F798F268E5796A32F5
 
[?] SYSTEM.XML.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\System.Xml\BEFCE73B472A6FD70400E12B13E05B6E
 
[?] SYSTEM.SERVICEMODEL.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.SERVICEMODEL\9AE92613BC301F78EC5B23BE658E327B
 
[?] SYSTEM.DATA.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.DATA\66FAF80676413FEF8D9BB1548EEADE94
 
[?] SYSTEM.RUNTIME.SERIALIZATION.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.RUNTEB92AA12#\107FF8EEBCF1C5C0A7BD744A98533B07
 
[?] SYSTEM.MANAGEMENT.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.MANAGEMENT\7AEB88BAFB3D69E410D0F08BD156CDE1
 
[?] SYSTEM.XML.LINQ.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.XML.LINQ\5B126E221198DDCF13342910E53D8EF8
 
[?] SYSTEM.NET.HTTP.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.NET.HTTP\2431175B07871CBE609C434A101D9657
 
[?] SYSTEM.MANAGEMENT.AUTOMATION.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.MANAA57FC8CC#\8A859D7E0AFF6174F0AFAF63AD7C12AC
 
[?] MICROSOFT.POWERSHELL.COMMANDS.DIAGNOSTICS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.P1706CAFE#\7F0372C9E248C87B7AF8C30DA5B98D2C
 
[?] SYSTEM.CONFIGURATION.INSTALL.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.CONFE64A9051#\BDB84C0C88D68DB589FD7CCEF2E9E856
 
[?] MICROSOFT.POWERSHELL.CONSOLEHOST.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.PB378EC07#\B4227D0AD54679664E3430B093563ECD
 
[?] MICROSOFT.POWERSHELL.COMMANDS.UTILITY.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.P521220EA#\1C750956DB20AA7BBB377B02CBC81AA8
 
[?] MICROSOFT.POWERSHELL.COMMANDS.MANAGEMENT.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.PAE3498D9#\33E72093263E6D38867E2E0AA494F284
 
[?] MICROSOFT.MANAGEMENT.INFRASTRUCTURE.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.MF49F6405#\4230A5AAE47B471FA443CE895CB4F28B
 
[?] MICROSOFT.POWERSHELL.SECURITY.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.P6F792626#\1EEE33FB5C8E3AA6892093E563D6B5F5
 
[?] MICROSOFT.WSMAN.MANAGEMENT.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.WE0722664#\5B1B495A8043DEB912290897903E97E1
 
[?] SYSTEM.DIRECTORYSERVICES.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.DIRED13B18A9#\7B98C38B34E8BF5706205A9804CBECDD
 
[?] SYSTEM.NUMERICS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.NUMERICS\CD464F222AE9286F95FCB74BA5DA1974
 
[?] SYSTEM.TRANSACTIONS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.TRANSACTIONS\AC1B240D82478525933B3C823DA0F0B8
 
[?] MICROSOFT.WINDOWS.APPX.PACKAGEMANAGER.COMMANDS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\MICROSOFT.WE5B77BCA#\2F98B34189DA2CCA108832682FFDF6EE
 
[?] WINDOWS.MANAGEMENT.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\WINDOWS.MANAGEMENT\2464BFFE3420CECE973FDAC85C3C596F
 
[?] WINDOWS.FOUNDATION.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\WINDOWS.FOUNDATION\3D86FFB7938D8D94BDDC40C9C8F3FC0E
 
[?] WINDOWS.APPLICATIONMODEL.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\WINDOWS.APP640A3541#\254F24393C293EBF4D3C10E107EE1160
 
[?] IASTORDATAMGRSVC.EXE
     %ProgramFiles%\Intel\INTEL® RAPID STORAGE TECHNOLOGY
 
[?] SYSTEM.DRAWING.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.DRAWING\344C05B9279AFD9D22569D39487CD6E4
 
[?] SYSTEM.WINDOWS.FORMS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.WINDOWS.FORMS\BCE386DE89875F02342F8A1B92A93416
 
[?] SYSTEM.DEPLOYMENT.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.DEPLOYMENT\AC32F541BD1F64DDE1E12ED624CAD3C9
 
[?] SYSTEM.ENTERPRISESERVICES.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.ENTE96D83B35#\AD17B532295E2DA71692276160FDCAF6
 
[?] SYSTEM.ENTERPRISESERVICES.WRAPPER.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.ENTE96D83B35#\AD17B532295E2DA71692276160FDCAF6
 
[?] SMDIAGNOSTICS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SMDIAGNOSTICS\FD4B314346A6698325D1D0E2FC5AEF2C
 
[?] SYSTEM.SERVICEMODEL.WEB.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.SERVF73E6522#\96BE41C42F0F9FF82E61BE8BFD17F731
 
[?] SYSTEM.SERVICEMODEL.INTERNALS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.SERVD1DEC626#\E835ABE78A85D61FBA2CC144BEE26E6B
 
[?] SYSTEM.RUNTIME.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.RUNTIME\908BAF9A54F83F0001DFA04FCD78EF6B
 
[?] SYSTEM.COMPONENTMODEL.DATAANNOTATIONS.NI.DLL
     %Windows%\assembly\NATIVEIMAGES_V4.0.30319_64\SYSTEM.COMP46F2B404#\0888BCCD51A84CF1F67ABE3A787577D1
     This file was first seen today.
 
[?] igfxEM.exe
     %System%\DRIVERSTORE\FILEREPOSITORY\KI125183.INF_AMD64_CB49708B33BAD074
 
[?] VIDEO.UI.EXE
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.18061.13911.0_X64__8WEKYB3D8BBWE
 
[?] SharedUI.dll
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.18061.13911.0_X64__8WEKYB3D8BBWE
 
[?] VCCORLIB140_APP.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.25426.0_X64__8WEKYB3D8BBWE
 
[?] VCRUNTIME140_APP.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.25426.0_X64__8WEKYB3D8BBWE
 
[?] CONCRT140_APP.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.25426.0_X64__8WEKYB3D8BBWE
 
[?] MSVCP140_APP.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.VCLIBS.140.00_14.0.25426.0_X64__8WEKYB3D8BBWE
 
[?] ENTCOMMON.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.18061.13911.0_X64__8WEKYB3D8BBWE
 
[?] EntPlat.dll
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.ZUNEVIDEO_10.18061.13911.0_X64__8WEKYB3D8BBWE
 
[?] SKYPEHOST.EXE
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] SKYPEBACKGROUNDTASKS.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] SkyWrap.dll
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] skypert.dll
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] RTMMVRUAP.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] rtmpal.dll
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] RTMCODECS.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] rtmpltfm.dll
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] RTMMEDIAMANAGER.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] SSSCREENVVS2.DLL
     %ProgramFiles%\WINDOWSAPPS\MICROSOFT.SKYPEAPP_12.1815.210.0_X64__KZF8QXF38ZG5C
 
[?] IPVANISH.VPNCLIENT.EXE
     %ProgramFiles%\IPVANISH VPN
 
[?] IPVANISH.OPENVPN.EXE
     %ProgramFiles%\IPVANISH VPN\OpenVPN
 
[?] IASTORICON.EXE
     %ProgramFiles%\Intel\INTEL® RAPID STORAGE TECHNOLOGY
 
=== Document Folders ===
 
[?] LIBVNCSERVER (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] LIBVNCSERVER (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] NETCONFIG (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] NETCONFIG (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] OBJSTORESIZE (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] OBJSTORESIZE (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] DDSI2 (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] DDSI2 (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] DDSI2E (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] DDSI2E (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] DURABILITY (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] DURABILITY (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] NETWORKING (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] NETWORKING (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] OSPL (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] OSPL (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] OSPLCTRL (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] OSPLCTRL (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] SNETWORKING (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] SNETWORKING (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] SPLICED (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] SPLICED (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\bin
 
[?] CMSOAP (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] CMSOAP (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] CMXML (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] CMXML (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] COMMONSERV (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] COMMONSERV (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DCPSGAPI (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DCPSGAPI (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DCPSSAC (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DCPSSAC (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DCPSSACPP (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DCPSSACPP (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSCONF (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSCONF (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSCONFPARSER (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSCONFPARSER (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSDATABASE (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSDATABASE (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSI2 (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSI2 (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSI2E (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSI2E (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSKERNEL (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSKERNEL (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCCOLLECTIONS (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCCOLLECTIONS (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCKERNEL (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCKERNEL (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCMETAMODEL (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCMETAMODEL (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCUTIL (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSLOCUTIL (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSOS (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSOS (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSOSNET (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSOSNET (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSRRSTORAGE (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSRRSTORAGE (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSSERIALIZATION (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSSERIALIZATION (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSUSER (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSUSER (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSUTIL (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DDSUTIL (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DURABILITY (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] DURABILITY (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] LIBEAY32 (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] LIBEAY32 (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] NETWORKING (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] NETWORKING (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] RNR (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] RNR (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] SNETWORKING (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] SNETWORKING (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] SPLICED (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] SPLICED (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345\ospl\lib
 
[?] STARTAPP (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] STARTAPP (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] VNCBEARER-D (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] VNCBEARER-D (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] VNCCONFIG (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] VNCCONFIG (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] VNCSERVICE_ENC (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] VNCSERVICE_ENC (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] WEBSOCKETDLL (2018_04_18 04_11_22 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] WEBSOCKETDLL (2018_06_28 06_42_31 UTC).DLL
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] WIN32DIALOG (2018_04_18 04_11_22 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
[?] WIN32DIALOG (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Documents%\JOHN DEERE STICK\V_3.34.1345
 
=== Download Folders ===
 
[?] CORE TEMP.EXE
     [Shawn Reese] %Profile%\DOWNLOADS\CORETEMP64 (2018_07_12 16_37_11 UTC)
 
[?] DNSFIXSETUP.EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] GLARY_UTILITIES_V5.92.0.114 (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] GPU-Z.2.5.0 (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] IPVANISH-SETUP (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] IPVANISH-SETUP.EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] NINITE  (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] DCOMBOB (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] GAMECHANGER (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] GIVEMEPOWER V2.1.0.0.EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] GIVEMEPOWER.EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] MINITOOLBOX (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] MOUSETRAP (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] SECURABLE (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] SHOOTTHEMESSENGER (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] TWEAKING.COM_SIMPLE_SYSTEM_TWEAKER_SETUP.EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] TWEAKING.COM_WINDOWS_REPAIR_AIO_SETUP.EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] WINDIRSTAT1_1_2_SETUP (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] WPSETUP (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS\Security
 
[?] SLIMCLEANER-SETUP (2018_06_28 06_42_31 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
[?] VIDEO-CONVERTER-ULTIMATE_SETUP_FULL495 (2018_07_14 04_57_06 UTC).EXE
     [Shawn Reese] %Profile%\DOWNLOADS
 
===============
 Removed Items 
===============
 
=== Windows User Startup ===
 
[-] WSHELPER.EXE
     %CommonProgramFiles%\WONDERSHARE\WONDERSHARE HELPER COMPACT
     This item was not found as of today.
 
=== Internet Browser Plugins ===
 
[-] Slides
     Google Chrome Browser Extension
     This item was not found as of today.
 
[-] Sheets
     Google Chrome Browser Extension
     This item was not found as of today.
 
[-] Google Docs Offline
     Google Chrome Browser Extension
     This item was not found as of today.
 
[-] CHROME MEDIA ROUTER
     Google Chrome Browser Extension
     This item was not found as of today.
 
[-] POST TO TUMBLR
     Google Chrome Browser Extension
     This item was not found as of 2 days ago.
 
[-] DARK HORIZON
     Google Chrome Browser Extension
     This item was not found as of 2 days ago.
 
=== Installed Applications ===
 
[-] Vulkan Run Time Libraries 1.0.33.0
     LunarG, Inc.
     This item was not found as of today.
 
[-] SmartByte Drivers and Services
     Rivet Networks
     This item was not found as of today.
 
[-] NirSoft IPNetInfo
     NIRSOFT IPNETINFO
     This item was not found as of today.
 
[-] NirSoft Wireless Network Watcher
     NIRSOFT WIRELESS NETWORK WATCHER
     This item was not found as of today.
 
[-] Wondershare Video Converter Ultimate(Build 10.2.6.168)
     Wondershare Software
     This item was not found as of today.
 
[-] Wondershare Helper Compact 2.5.3
     Wondershare
     This item was not found as of today.
 
[-] Duplicate Photo Finder
     Ashisoft
     This item was not found as of today.
 
=== Services & Drivers ===
 
[-] ALSYSIO64.SYS
     %Temp%
     This item was not found as of today.
 
[-] MPKSL581FE857.SYS
     %ProgramData%\MICROSOFT\WINDOWS DEFENDER\DEFINITION UPDATES\{17637EC9-4FD7-4FE5-9ECD-C4CB45EDA72C}
     This item was not found as of today.
 
[-] RNDBWMSERVICE.EXE
     %ProgramFiles%\RIVET NETWORKS\SMARTBYTE
     This item was not found as of today.
 
[-] SMARTBYTENETWORKSERVICE.EXE
     %ProgramFiles%\RIVET NETWORKS\SMARTBYTE
     This item was not found as of today.
 
[-] DRIVERINSTALL.EXE
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE\TRANSFER
     This item was not found as of today.
 
=== Classes (CLSIDs) ===
 
[-] KILLERNETWORKSERVICEPS.DLL
     %ProgramFiles%\RIVET NETWORKS\SMARTBYTE
     This item was not found as of today.
 
[-] SMARTBYTENETWORKSERVICE.EXE
     %ProgramFiles%\RIVET NETWORKS\SMARTBYTE
     This item was not found as of today.
 
[-] AC3FILTER.AX
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
[-] SCREENCAPTUREFILTER.AX
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
[-] LAVSPLITTER.AX
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
[-] CFDECODE2.AX
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
[-] WSHELPER.EXE
     %CommonProgramFiles%\WONDERSHARE\WONDERSHARE HELPER COMPACT
     This item was not found as of today.
 
[-] URLREQSERVICE.EXE
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE\DOWNLOADRES
     This item was not found as of today.
 
[-] VIDEOTOIMAGES.EXE
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
=== Desktop, Start & Taskbar ===
 
[-] SUPERANTISPYWARE.EXE
     %Desktop%
     This item was not found as of today.
 
[-] SECURITYCHECK.EXE
     %Desktop%
     This item was not found as of today.
 
[-] VIDEOCONVERTERULTIMATE.EXE
     %ProgramFiles%\WONDERSHARE\WONDERSHARE VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
[-] IPNETINFO.EXE
     %ProgramFiles%\NIRSOFT\IPNETINFO
     This item was not found as of today.
 
[-] UNINST.EXE
     %ProgramFiles%\NIRSOFT\IPNETINFO
     This item was not found as of today.
 
[-] UNINST.EXE
     %ProgramFiles%\NIRSOFT\WIRELESS NETWORK WATCHER
     This item was not found as of today.
 
[-] WNETWATCHER.EXE
     %ProgramFiles%\NIRSOFT\WIRELESS NETWORK WATCHER
     This item was not found as of today.
 
=== Application Data Folders ===
 
[-] MPENGINE.DLL
     %ProgramData%\MICROSOFT\WINDOWS DEFENDER\DEFINITION UPDATES\{C275D258-30C5-48AF-820D-B28AA44479FF}
     This item was not found as of today.
 
[-] MPENGINE.DLL
     %ProgramData%\MICROSOFT\WINDOWS DEFENDER\DEFINITION UPDATES\{17637EC9-4FD7-4FE5-9ECD-C4CB45EDA72C}
     This item was not found as of today.
 
[-] LOCALHASHDBUPDATER.EXE
     %ProgramData%\SUPPORTASSIST\Client\SRE\LocalDB
     This item was not found as of today.
 
[-] DVDTEMPLATEINSTALL.EXE
     %ProgramData%\WONDERSHARE\VIDEO CONVERTER ULTIMATE
     This item was not found as of today.
 
=== Temporary Folders ===
 
[-] AU_.EXE
     %Temp%\~NSUA.TMP
     This item was not found as of today.
 
[-] NIRCMDC.EXE
     %Temp%\jrt\nfo
     This item was not found as of today.
 
[-] OBJLIST.EXE
     %Temp%\RarSFX1\SECURITYCHECK
     This item was not found as of today.
 
[-] CMDINFO.EXE
     %Temp%\RarSFX1\SECURITYCHECK\Other
     This item was not found as of today.
 
[-] NIRCMDC.EXE
     %Temp%\RarSFX1\SECURITYCHECK\Other
     This item was not found as of today.
 
[-] SED.EXE
     %Temp%\RarSFX1\SECURITYCHECK\Other
     This item was not found as of today.
 
[-] SWREG.EXE
     %Temp%\RarSFX1\SECURITYCHECK\Other
     This item was not found as of today.
 
[-] RUNPROCESSES.EXE
     %Temp%\RarSFX1\SECURITYCHECK
     This item was not found as of today.
 
[-] AU_.EXE
     %Temp%\~NSU.TMP
     This item was not found as of today.
 
=== Windows Task Scheduler ===
 
[-] SMARTBYTETELEMETRY.EXE
     %ProgramFiles%\RIVET NETWORKS\SMARTBYTE
     This item was not found as of today.
 
=== Download Folders ===
 
[-] FRST64 (2018_07_09 02_59_58 UTC).EXE
     %Profile%\DOWNLOADS\FRST-OLDERVERSION
     This item was not found as of today.
 
[-] PAEXEC.EXE
     %Profile%\DOWNLOADS\SECURITY\DATA
     This item was not found as of today.
 
[-] DDS.COM
     %Profile%\DOWNLOADS\Security
     This item was not found as of today.
 
[-] FRST64 (2018_07_09 02_59_58 UTC).EXE
     %Profile%\DOWNLOADS\Security
     This item was not found as of today.
 
[-] SECURITYCHECK (2018_06_28 06_42_31 UTC).EXE
     %Profile%\DOWNLOADS\Security
     This item was not found as of today.
 
[-] SECURITYPROCESSEXPLORERSETUP (2018_06_28 06_42_31 UTC) (2018_07_23 15_07_26 UTC).EXE
     %Profile%\DOWNLOADS\Security
     This item was not found as of today.
 
[-] UCHECK_SETUP.EXE
     %Profile%\DOWNLOADS\Security
     This item was not found as of today.
 
===============
 End of Report 
===============


#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:33 PM

Posted 31 July 2018 - 07:26 AM

Hi,

There is nothing to worry about.

All the items unknown items are safe.
You can check the folders were they are located
ie.

DOWLOADS
JOHN DEERE STICK

ETC...


The items in the \Temp folders were deleted.

#5 spoonman21

spoonman21
  • Topic Starter

  • Members
  • 25 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:10:33 PM

Posted 31 July 2018 - 09:07 AM

No kidding,

 

I am very sorry for wasting your time.  I sincerely do apologize for any inconvenience.   



#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:33 PM

Posted 31 July 2018 - 10:31 AM

Hi,

Glad we could help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users