Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. I'm sorry but we will not actively assist users in pirating software. Please contact Microsoft to obtain a legal license for the product and they will assist you in cleaning up the operating system. https://www.microsoft.com/en-us/p/windows-10-home/d76qx4bznwk4/1NT3 Thank you
  3. Thank you for this problem my issue has been solved,.....
  4. To add to my last post. I signed up with my real name just now but I can't remember if I used my real name when I purchased MB Pro. Back in those days I would sometimes use a phony surname for online digital purchases, with pre-paid gift credit cards. It was such a long time ago.
  5. I signed up as suggested. Entered my license key and i.d and received a message saying that the license is already registered. Yeh, it's registered to me! So frustrated with MB rite now! As a long term MB user, Update 3.7.1 is the worst I've come across because of this activation issue. It's Easter long weekend and I got better things to be doing. I'm guessing that the email address I used when I purchased lifetime MB Pro many years ago may have something to do with it, as it's not the same as the one I'm using now. I don't know? This is even more outrageous then the BSOD's, freezes, lock-ups and crashes I've endured over the MB journey. Are there any MB staff members that can help me with this?
  6. Hello, Please follow this topic and post the required logs. https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/
  7. opps I failed to read the FAQ, and see that in 3.0, they were in fact combined. sorry for the misinformed post thank you
  8. Hello @sir9bob and Please run the following for me and attach all logs. Copy/Paste to the forum does not always translate the logs properly. Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Ron
  9. Today
  10. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  11. Hi recently bought a new pc. Installed Premium, working well. from my last invoice for renewal, I see separation of pricing, and just wanted to confirm, Once Premium is installed, there is no additional install for the anti exploit feature. Do I understand this correctly? thank you
  12. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks
  13. Great, thank you for the follow-up reply @Nazim Glad to hear all is working well. I'll go ahead and close your topic. Have a great weekend. Ron
  14. Hello, I will be sending you a PM.
  15. Hi. Please review the block for rebrand.ly. Thanks.
  16. https://www.navyfederal.org/resources/articles/security/steer-clear-of-online-scams.php?cmpid=em|nl|resources|articles|security|steer/ clear of online scams|04/19/2019|31689|A2|cb1.3 https://www.navyfederal.org/resources/articles/student-loans/debunking-student-loan-myths.php?cmpid=em|nl||resources|articles|debunking/ student loan myths|04/19/2019|31689|A2|cb2.3 https://www.navyfederal.org/resources/articles/home-loans/what_to_look_for_in_a_real_estate_agent.php?cmpid=em|nl||resources|articles|what/ to look for in a real estate agent|04/19/2019|31689|A2|cb4.3
  17. There are certain situations where a user might need to temporarily disable a protection layer because it's causing issues with their system, such as putting too much strain on system resources in the case of Ransomware Protection (especially on older computers like mine). However, having to turn that protection layer back on afterwards, sometimes a user can forget to do that, or they might be away from their computer for longer than they expect, leaving their system vulnerable in that time. As such, it would be appreciated if users could pause a real-time protection layer, and have it unpause automatically after a certain amount of time, when certain conditions are met, or both. Additionally, a user could configure rules to prohibit pausing a protection layer under certain conditions, or automatically pause it under other conditions. I'd appreciate some feedback on this idea.
  18. The one type of exclusion that Malwarebytes doesn't seem to allow users to configure is Registry exclusions, be it individual settings or entire keys. In particular, ForceActiveDesktopOn keeps getting quarantined by Malwarebytes, but I need Active Desktop in order for certain software I use to work, for example DOSBox (don't ask me why DOSBox requires Active Desktop, but there's an unofficial patch being made which removes that dependency). Could the option to add Registry exclusions to Malwarebytes be added in the future?
  19. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  20. Windows 10 update Kb4493509, I was running a scan malwarebytes. And my system froze, Is there any Issues with the resent Windows 10 update Kb4493509. Please don't come back and say there Is no Issues, because this has happened on a few occasions now. Is there a fix?
  21. Here are the log files Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019 Ran by Owner (19-04-2019 08:11:53) Running from C:\Users\Owner\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Windows 10 Home Version 1803 17134.706 (X64) (2019-03-30 08:36:26) Boot Mode: Safe Mode (with Networking) ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1153435190-900947857-1343882119-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1153435190-900947857-1343882119-503 - Limited - Disabled) defaultuser0 (S-1-5-21-1153435190-900947857-1343882119-1000 - Limited - Enabled) => C:\Users\defaultuser0 Guest (S-1-5-21-1153435190-900947857-1343882119-501 - Limited - Disabled) Owner (S-1-5-21-1153435190-900947857-1343882119-1001 - Administrator - Enabled) => C:\Users\Owner WDAGUtilityAccount (S-1-5-21-1153435190-900947857-1343882119-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Audition CC 2019 (HKLM-x32\...\AUDT_12_0_1) (Version: 12.0.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated) BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version: - ) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-1153435190-900947857-1343882119-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1153435190-900947857-1343882119-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-813CB5835A7A} -> [Creative Cloud Files] => C:\Users\Owner\Creative Cloud Files [2019-04-02 08:40] CustomCLSID: HKU\S-1-5-21-1153435190-900947857-1343882119-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [1999-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {123D0655-6FEF-4B5C-986B-AF2840ACD725} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {19D2EDF3-E8A8-4CBF-944F-10DD20358A1B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe (Bitdefender SRL -> Bitdefender) Task: {320548AF-ADC5-426B-A595-FEF7F40ED4B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {36E65074-D9E3-4A32-9AD9-8653EC350045} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-jeremysherwood885@outlook.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {6CC2B409-B103-415E-B1FA-D0ABCEDE3249} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {E99C28E1-8063-45F7-8DB9-00312670DA05} - System32\Tasks\S-1-5-21-1153435190-900947857-1343882119-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation) Task: {F5DCC4C5-CB6B-44E0-8315-C9818C152543} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures Task: {FDDCE6B8-F8DD-4BBD-844D-1E116B9EAA08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-03-30 02:06 - 2019-03-30 02:04 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1153435190-900947857-1343882119-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.20.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 02-04-2019 01:46:17 Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 19-04-2019 03:18:15 Windows Update ==================== Faulty Device Manager Devices ============= Name: Intel(R) Display Audio Description: Intel(R) Display Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Intel(R) Corporation Service: IntcDAud Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: IntcAzAudAddService Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (04/19/2019 03:35:58 AM) (Source: MsiInstaller) (EventID: 11935) (User: NT AUTHORITY) Description: Product: Microsoft Visual C++ 2005 Redistributable (x64) -- Error 1935.An error occurred during the installation of assembly 'Microsoft.VC80.CRT,type="win32",version="8.0.50727.6195",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="amd64"'. Please refer to Help and Support for more information. HRESULT: 0x80073715. assembly interface: IAssemblyCacheItem, function: Commit, component: {844EFBA7-1C24-93B2-A01F-C8B3B9A1E18E} Error: (04/13/2019 09:41:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.17134.1, time stamp: 0x5ace103a Faulting module name: msvcrt.dll, version: 7.0.17134.1, time stamp: 0x5cbba6fd Exception code: 0x40000015 Fault offset: 0x000000000000add2 Faulting process id: 0x1634 Faulting application start time: 0x01d4f27c24c8bff1 Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Faulting module path: C:\WINDOWS\System32\msvcrt.dll Report Id: 426a6cc8-4107-4063-8a11-257fc61cb22e Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.17134.112_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (04/13/2019 08:35:18 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (04/13/2019 08:35:18 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected Error: (04/13/2019 08:25:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.17134.677 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: a8c Start Time: 01d4e93bbefca08f Termination Time: 0 Application Path: C:\Windows\explorer.exe Report Id: 1d195e97-2a63-4567-aeff-8f8ab5bf9f82 Faulting package full name: Faulting package-relative application ID: Error: (04/12/2019 10:59:12 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (04/12/2019 10:59:12 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (04/02/2019 11:55:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Adobe Audition CC.exe version 12.0.1.34 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2d28 Start Time: 01d4e9e7d71126a6 Termination Time: 4294967295 Application Path: C:\Program Files\Adobe\Adobe Audition CC 2019\Adobe Audition CC.exe Report Id: b51ab852-6a1b-4264-8a74-1fc0542699e9 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (04/19/2019 08:12:56 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (04/19/2019 08:10:20 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/19/2019 08:07:59 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/19/2019 08:07:54 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/19/2019 08:07:49 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/19/2019 08:07:44 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/19/2019 08:07:39 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (04/19/2019 08:07:34 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-JVDR68A) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Windows Defender: =================================== Date: 2019-04-13 22:05:53.963 Description: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe has been blocked from modifying %userprofile%\Documents by Controlled Folder Access. Detection time: 2019-04-14T05:05:53.962Z Path: %userprofile%\Documents Process Name: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe Signature Version: 1.291.972.0 Engine Version: 1.1.15800.1 Product Version: 4.18.1902.2 Date: 2019-04-13 21:52:39.301 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {96189AAA-B92F-4D2A-9339-80CC1C60D2F5} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-04-13 20:35:42.817 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {674EC754-6EB6-4C2F-832A-A9F732586090} Scan Type: Antimalware Scan Parameters: Full Scan Date: 2019-04-02 10:14:08.542 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {DADEDC94-E0DC-44A8-9E59-C95232E47BF4} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-04-02 09:23:47.302 Description: C:\Program Files\Adobe\Adobe Audition CC 2019\Adobe Audition CC.exe has been blocked from modifying %userprofile%\Documents by Controlled Folder Access. Detection time: 2019-04-02T16:23:47.302Z Path: %userprofile%\Documents Process Name: C:\Program Files\Adobe\Adobe Audition CC 2019\Adobe Audition CC.exe Signature Version: 1.291.972.0 Engine Version: 1.1.15800.1 Product Version: 4.18.1902.2 Date: 2019-04-19 07:51:47.925 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.291.2275.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15800.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2019-04-19 07:41:35.343 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2019-04-19 01:52:46.902 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.291.2168.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15800.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode Date: 2019-04-19 01:42:29.621 Description: Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x8007043c Error description: This service cannot be started in Safe Mode Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2019-04-17 23:01:15.950 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.291.2168.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15800.1 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Percentage of memory in use: 62% Total physical RAM: 6024.27 MB Available physical RAM: 2244.7 MB Total Virtual: 6984.27 MB Available Virtual: 3380.57 MB ==================== Drives ================================ Drive 😄 (Acer) (Fixed) (Total:914.69 GB) (Free:841.13 GB) NTFS Drive f: () (Removable) (Total:14.96 GB) (Free:13.33 GB) FAT32 \\?\Volume{37d72136-1102-4fa9-882a-6aaf474e7c4f}\ (Recovery) (Fixed) (Total:0.39 GB) (Free:0.14 GB) NTFS \\?\Volume{5d1c42d9-1ba5-48a0-8652-ba2fd211f19d}\ (Push Button Reset) (Fixed) (Total:16.01 GB) (Free:1.04 GB) NTFS \\?\Volume{6ba71b48-7f86-41ac-9158-b7b91f0b2411}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: EB47F973) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=15 GB) - (Type=0C) ==================== End of Addition.txt ============================ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019 Ran by Owner (administrator) on DESKTOP-JVDR68A (19-04-2019 08:07:24) Running from C:\Users\Owner\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads Loaded Profiles: Owner (Available Profiles: defaultuser0 & Owner) Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: English (United States) Default browser: Edge Boot Mode: Safe Mode (with Networking) Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> csrss.exe Failed to access process -> csrss.exe Failed to access process -> fontdrvhost.exe Failed to access process -> fontdrvhost.exe Failed to access process -> dwm.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe Failed to access process -> WmiPrvSE.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18371072 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) HKU\S-1-5-21-1153435190-900947857-1343882119-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 Tcpip\..\Interfaces\{6cb70d36-2959-4617-9874-f53088493957}: [DhcpNameServer] 192.168.20.1 Internet Explorer: ================== FireFox: ======== FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems) ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) S2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 1999-12-31] (Intel(R) pGFX -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-17] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-17] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2016-08-28] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.) S3 b57xdbd; C:\WINDOWS\System32\drivers\b57xdbd.sys [72912 2013-07-10] (Broadcom Corporation -> Broadcom Corporation) S3 b57xdmp; C:\WINDOWS\System32\drivers\b57xdmp.sys [25296 2013-07-10] (Broadcom Corporation -> Broadcom Corporation) S3 BEHRINGER_2902; C:\WINDOWS\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (Ploytec GmbH -> BEHRINGER) S3 bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [59088 2013-07-23] (Broadcom Corporation -> Broadcom Corporation) R3 bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [99560 2015-09-27] (Broadcom Corporation -> Broadcom Corporation) S3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros) S3 BUSB_AUDIO_WDM; C:\WINDOWS\system32\drivers\busbwdm.sys [49728 2009-10-30] (Ploytec GmbH -> BEHRINGER) S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation) S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [131712 2017-01-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications) S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated -> Acer Incorporated) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-04-19] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-19] (Malwarebytes Corporation -> Malwarebytes) R3 MEIx64; C:\WINDOWS\System32\drivers\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated -> Acer Incorporated) S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-02] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop) S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-02] (MCCI Corporation -> MCCI Corporation) S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-02] (MCCI Corporation -> MCCI Corporation) S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-02] (MCCI Corporation -> MCCI) S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-02] (MCCI Corporation -> MCCI Corporation) S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-02] (MCCI Corporation -> MCCI Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2017-01-15] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated) S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-02] (MCCI Corporation -> MCCI Corporation) S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-17] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-17] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-19 07:41 - 2019-04-19 07:41 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-04-19 03:41 - 2019-04-02 01:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-04-19 03:41 - 2019-04-02 01:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-04-19 03:41 - 2019-04-01 22:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-04-19 03:40 - 2019-04-02 05:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-04-19 03:40 - 2019-04-02 05:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-04-19 03:40 - 2019-04-02 05:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-04-19 03:40 - 2019-04-02 05:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-04-19 03:40 - 2019-04-02 05:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-04-19 03:40 - 2019-04-02 05:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-04-19 03:40 - 2019-04-02 05:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2019-04-19 03:40 - 2019-04-02 05:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2019-04-19 03:40 - 2019-04-02 05:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-04-19 03:40 - 2019-04-02 05:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-04-19 03:40 - 2019-04-02 05:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-04-19 03:40 - 2019-04-02 05:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-04-19 03:40 - 2019-04-02 05:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-04-19 03:40 - 2019-04-02 05:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-04-19 03:40 - 2019-04-02 05:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2019-04-19 03:40 - 2019-04-02 05:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll 2019-04-19 03:40 - 2019-04-02 02:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-04-19 03:40 - 2019-04-02 02:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-04-19 03:40 - 2019-04-02 02:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-04-19 03:40 - 2019-04-02 02:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-04-19 03:40 - 2019-04-02 02:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll 2019-04-19 03:40 - 2019-04-02 02:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-04-19 03:40 - 2019-04-02 02:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-04-19 03:40 - 2019-04-02 02:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2019-04-19 03:40 - 2019-04-02 02:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-04-19 03:40 - 2019-04-02 01:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-04-19 03:40 - 2019-04-02 01:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-04-19 03:40 - 2019-04-02 01:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-04-19 03:40 - 2019-04-02 01:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-04-19 03:40 - 2019-04-02 01:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-04-19 03:40 - 2019-04-02 01:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-04-19 03:40 - 2019-04-02 01:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-04-19 03:40 - 2019-04-02 01:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-04-19 03:40 - 2019-04-02 01:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-04-19 03:40 - 2019-04-02 01:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-04-19 03:40 - 2019-04-02 01:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-04-19 03:40 - 2019-04-02 01:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-04-19 03:40 - 2019-04-02 01:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-04-19 03:40 - 2019-04-02 01:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-04-19 03:40 - 2019-04-02 01:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-04-19 03:40 - 2019-04-02 00:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-04-19 03:40 - 2019-04-02 00:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-04-19 03:40 - 2019-04-02 00:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-04-19 03:40 - 2019-04-02 00:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-04-19 03:40 - 2019-04-02 00:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-04-19 03:40 - 2019-04-02 00:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2019-04-19 03:40 - 2019-04-02 00:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-04-19 03:40 - 2019-04-02 00:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-04-19 03:40 - 2019-04-02 00:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2019-04-19 03:40 - 2019-04-02 00:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-04-19 03:40 - 2019-04-02 00:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-04-19 03:40 - 2019-04-02 00:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-04-19 03:40 - 2019-04-02 00:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-04-19 03:40 - 2019-04-02 00:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-04-19 03:40 - 2019-04-02 00:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-04-19 03:40 - 2019-04-02 00:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-04-19 03:40 - 2019-04-02 00:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-04-19 03:40 - 2019-04-02 00:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-04-19 03:40 - 2019-04-01 23:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim 2019-04-19 03:40 - 2019-04-01 22:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-04-19 03:40 - 2019-04-01 22:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-04-19 03:40 - 2019-04-01 22:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-04-19 03:40 - 2019-04-01 22:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-04-19 03:40 - 2019-04-01 21:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-04-19 03:40 - 2019-04-01 21:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-04-19 03:40 - 2019-04-01 21:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-04-19 03:40 - 2019-04-01 21:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-04-19 03:40 - 2019-04-01 21:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-04-19 03:40 - 2019-04-01 21:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2019-04-19 03:40 - 2019-04-01 21:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2019-04-19 03:40 - 2019-04-01 21:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2019-04-19 03:40 - 2019-04-01 21:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-04-19 03:40 - 2019-04-01 21:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-04-19 03:40 - 2019-04-01 21:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-04-19 03:40 - 2019-03-16 05:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-04-19 03:40 - 2019-03-16 02:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-04-19 03:40 - 2019-03-13 18:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-04-19 03:40 - 2019-03-13 18:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2019-04-19 03:40 - 2019-03-13 18:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2019-04-19 03:40 - 2019-03-13 18:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-04-19 03:40 - 2019-03-13 18:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-04-19 01:37 - 2019-04-19 01:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC 2019-04-19 01:37 - 2019-04-19 01:37 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2019-04-17 22:47 - 2019-04-19 07:41 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-04-17 22:47 - 2019-04-17 22:47 - 000000000 ____D C:\Users\Owner\AppData\Local\mbamtray 2019-04-17 22:47 - 2019-04-17 22:47 - 000000000 ____D C:\Users\Owner\AppData\Local\mbam 2019-04-17 22:46 - 2019-04-17 22:46 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-04-17 22:46 - 2019-04-17 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-04-17 22:46 - 2019-04-17 22:46 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-04-17 22:46 - 2019-04-17 22:46 - 000000000 ____D C:\Program Files\Malwarebytes 2019-04-17 22:46 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-04-17 22:46 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-04-17 22:43 - 2019-04-17 22:43 - 004326427 _____ C:\Users\Owner\Downloads\Malwarebytes User Guide.pdf 2019-04-13 23:02 - 2019-04-19 07:40 - 078118912 _____ C:\WINDOWS\system32\config\SOFTWARE 2019-04-13 22:05 - 2019-04-13 22:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1153435190-900947857-1343882119-1001 2019-04-13 21:39 - 2019-04-19 05:08 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK 2019-04-13 21:37 - 2019-04-13 23:02 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2019-04-13 17:18 - 2019-04-13 20:04 - 000000000 ____D C:\Users\Owner\Desktop\audit,poss 2019-04-03 05:57 - 2019-04-03 05:57 - 039762840 _____ C:\Users\Owner\Documents\bassln.wav 2019-04-03 05:57 - 2019-04-03 05:57 - 000621260 _____ C:\Users\Owner\Documents\bassln.pkf 2019-04-03 05:49 - 2019-04-03 05:49 - 104422800 _____ C:\Users\Owner\Documents\newsong.wav 2019-04-03 05:49 - 2019-04-03 05:49 - 001631540 _____ C:\Users\Owner\Documents\newsong.pkf 2019-04-03 05:30 - 2019-04-03 05:30 - 084737424 _____ C:\Users\Owner\Documents\gut2sw.wav 2019-04-03 05:30 - 2019-04-03 05:30 - 001323956 _____ C:\Users\Owner\Documents\gut2sw.pkf 2019-04-02 23:19 - 2019-04-02 23:19 - 000000000 ____D C:\Users\Owner\AppData\Local\D3DSCache 2019-04-02 10:36 - 2019-04-02 18:55 - 082712974 _____ C:\Users\Owner\Documents\switchright.wav 2019-04-02 10:36 - 2019-04-02 18:55 - 001292348 _____ C:\Users\Owner\Documents\switchright.pkf 2019-04-02 10:06 - 2019-04-02 10:06 - 001284172 _____ C:\Users\Owner\Documents\switcharmonic.pkf 2019-04-02 09:05 - 2019-04-02 09:05 - 000001119 _____ C:\ulog_HeadlightsCC_AppCrash__e5c93a36-dccf-4e06-bbe6-316d7b11a634_0.xml 2019-04-02 08:40 - 2019-04-13 22:05 - 000000000 ___RD C:\Users\Owner\Creative Cloud Files 2019-04-02 02:30 - 2019-04-02 10:06 - 082190190 _____ C:\Users\Owner\Documents\switcharmonic.wav 2019-04-02 02:17 - 2019-04-02 02:17 - 000003730 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-jeremysherwood885@outlook.com 2019-04-02 02:11 - 2019-04-02 02:11 - 000000000 ____D C:\Users\Owner\AppData\Local\CEF 2019-04-02 02:10 - 2019-04-02 02:10 - 000001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2019.lnk 2019-04-02 02:10 - 2019-04-02 02:10 - 000000000 ____D C:\Program Files\Common Files\Adobe 2019-04-02 02:05 - 2019-04-02 02:10 - 000000000 ____D C:\Program Files\Adobe 2019-04-02 01:56 - 2019-04-02 08:40 - 000000000 ____D C:\ProgramData\Adobe 2019-04-02 01:56 - 2019-04-02 01:56 - 000001410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2019-04-02 01:56 - 2019-04-02 01:56 - 000001398 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2019-04-02 01:44 - 2019-04-02 01:47 - 000000000 ____D C:\ProgramData\Package Cache 2019-04-02 01:40 - 2019-04-02 02:03 - 000000000 ____D C:\Program Files (x86)\Adobe 2019-04-02 01:40 - 2019-04-02 01:40 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1153435190-900947857-1343882119-1001 2019-04-02 01:35 - 2019-04-13 22:05 - 000000000 ____D C:\Users\Owner\AppData\Local\Adobe 2019-04-02 00:28 - 2019-04-02 00:28 - 000249327 _____ C:\Users\Owner\Downloads\AdExplorer.zip 2019-04-02 00:21 - 2019-04-02 00:21 - 001640992 _____ C:\Users\Owner\Downloads\Autoruns.zip 2019-04-02 00:20 - 2019-04-02 00:23 - 025511363 _____ C:\Users\Owner\Downloads\SysinternalsSuite.zip 2019-04-01 01:20 - 2019-04-19 08:07 - 000000000 ____D C:\FRST 2019-04-01 01:20 - 2019-04-01 01:20 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2019-03-31 17:36 - 2019-03-31 18:51 - 000000000 ____D C:\Program Files\Bitdefender Agent 2019-03-31 17:36 - 2019-03-31 17:36 - 000103940 _____ C:\ProgramData\agent.1554078996.bdinstall.v2.bin 2019-03-31 17:36 - 2019-03-31 17:36 - 000000000 ____D C:\ProgramData\Bitdefender Agent 2019-03-30 10:53 - 2019-03-30 10:58 - 872415232 _____ C:\Users\Owner\Downloads\bitdefender-rescue-cd.iso 2019-03-30 10:53 - 2019-03-30 10:53 - 003990528 _____ C:\Users\Owner\Downloads\stickifier.exe 2019-03-30 10:51 - 2019-03-30 10:51 - 000066216 _____ C:\Users\Owner\Downloads\stickifier-src.zip 2019-03-30 09:36 - 2019-04-19 08:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2019-03-30 09:36 - 2019-04-19 07:46 - 001489348 _____ C:\WINDOWS\ntbtlog.txt 2019-03-30 09:01 - 2019-04-19 03:40 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-03-30 09:01 - 2019-04-19 03:37 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-03-30 08:59 - 2019-04-19 03:20 - 000000000 ____D C:\Program Files\rempl 2019-03-30 08:59 - 2019-03-30 08:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2019-03-30 08:59 - 2019-03-30 08:59 - 000000000 ____D C:\Users\Owner\AppData\Local\DBG 2019-03-30 08:59 - 2019-03-30 08:55 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-03-30 08:56 - 2019-03-30 08:56 - 000000000 ____D C:\Users\Owner\AppData\Local\PlaceholderTileLogoFolder 2019-03-30 02:28 - 2019-04-02 01:45 - 000000000 ____D C:\WINDOWS\usb-audio.deBehringer2902 2019-03-30 02:28 - 2009-10-30 13:39 - 000460864 _____ (BEHRINGER) C:\WINDOWS\system32\Drivers\BUSB2902.sys 2019-03-30 02:28 - 2009-10-30 13:39 - 000049728 _____ (BEHRINGER) C:\WINDOWS\system32\Drivers\busbwdm.sys 2019-03-30 02:26 - 2019-03-30 02:26 - 000000000 ____D C:\Users\Owner\Downloads\BEHRINGER_2902_X64_2.8.40 2019-03-30 02:20 - 2019-03-30 02:20 - 000000000 ____D C:\WINDOWS\InfusedApps 2019-03-30 02:19 - 2019-04-03 05:39 - 000000000 ____D C:\Windows.old 2019-03-30 02:19 - 2019-03-30 02:19 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2019-03-30 02:17 - 2019-03-30 02:17 - 000000000 ____D C:\Program Files\Elantech 2019-03-30 02:16 - 2019-03-30 02:16 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2019-03-30 02:15 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\Setup 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\zu-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\yo-NG 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\xh-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\wo-SN 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\tn-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\ti-ET 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\rw-RW 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\nso-ZA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\ig-NG 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA 2019-03-30 02:12 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ur-PK 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ug-CN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\tt-RU 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\tk-TM 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\te-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\sw-KE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\sq-AL 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\quz-PE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\prs-AF 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\pa-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\or-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\nn-NO 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ne-NP 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\mt-MT 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\mr-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\mn-MN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ml-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\mk-MK 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\mi-NZ 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\lo-LA 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\lb-LU 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ky-KG 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\kok-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\kn-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\km-KH 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\kk-KZ 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ka-GE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\is-IS 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\id-ID 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\hy-AM 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\gu-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\gd-GB 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ga-IE 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\fil-PH 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\fa-IR 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\cy-GB 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\bn-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\bn-BD 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\be-BY 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\as-IN 2019-03-30 02:12 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\af-ZA 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\system32\hi-IN 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\OCR 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\Program Files\MSBuild 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2019-03-30 02:12 - 2019-03-30 02:12 - 000000000 ____D C:\Program Files (x86)\MSBuild 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\winrm 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\WCN 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\slmgr 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\0409 2019-03-30 02:11 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\DigitalLocker 2019-03-30 02:09 - 2019-04-01 10:51 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-03-30 02:09 - 2019-04-01 10:51 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-03-30 02:08 - 2019-03-30 02:08 - 000000000 ____D C:\Users\Owner\AppData\Local\Comms 2019-03-30 02:06 - 2019-04-19 05:29 - 000000000 ___HD C:\Program Files\WindowsApps 2019-03-30 02:06 - 2019-04-19 05:29 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-03-30 02:06 - 2019-04-19 05:28 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-03-30 02:06 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\TextInput 2019-03-30 02:06 - 2019-04-19 05:07 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-03-30 02:06 - 2019-04-19 01:59 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-03-30 02:06 - 2019-04-17 22:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-03-30 02:06 - 2019-04-02 02:50 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-03-30 02:06 - 2019-04-02 01:51 - 000000000 ____D C:\ProgramData\Packages 2019-03-30 02:06 - 2019-04-02 01:42 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-03-30 02:06 - 2019-04-02 01:40 - 000000000 ___RD C:\Program Files (x86) 2019-03-30 02:06 - 2019-04-02 01:32 - 000000000 ____D C:\WINDOWS\appcompat 2019-03-30 02:06 - 2019-03-30 09:09 - 000000000 ____D C:\Program Files\Windows Defender 2019-03-30 02:06 - 2019-03-30 02:19 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2019-03-30 02:06 - 2019-03-30 02:19 - 000000000 __RHD C:\Users\Public\Libraries 2019-03-30 02:06 - 2019-03-30 02:19 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ___SD C:\WINDOWS\system32\UNP 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ___SD C:\WINDOWS\system32\F12 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ta-in 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\si-lk 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\setup 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\Dism 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\system32\am-et 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\ShellComponents 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\WINDOWS\Provisioning 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2019-03-30 02:06 - 2019-03-30 02:15 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2019-03-30 02:06 - 2019-03-30 02:12 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ___SD C:\WINDOWS\system32\dsc 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\SysWOW64\com 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\MUI 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\migwiz 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\system32\com 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\IME 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\Help 2019-03-30 02:06 - 2019-03-30 02:11 - 000000000 ____D C:\Program Files\Common Files\system 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 __SHD C:\Program Files\Windows Sidebar 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 __RSD C:\WINDOWS\media 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___SD C:\WINDOWS\system32\Nui 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Web 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\WaaS 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Vss 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\tracing 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\TAPI 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SystemResources 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SystemApps 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\winevt 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\ras 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\my-mm 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\IME 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\icsxml 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\ias 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\hydrogen 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\DriverState 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\downlevel 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\DDFs 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\System 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SKB 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\ServiceState 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\security 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\schemas 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\SchCache 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Resources 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\rescache 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Registration 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\PLA 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Performance 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\ModemLogs 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\L2Schemas 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\InputMethod 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\IdentityCRL 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Globalization 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Cursors 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\Branding 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\addins 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files\Windows Security 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files\Windows Portable Devices 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files\windows nt 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files\Common Files\Services 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files (x86)\windows nt 2019-03-30 02:06 - 2019-03-30 02:06 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2019-03-30 02:06 - 2019-03-30 02:04 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2019-03-30 02:06 - 2019-03-30 02:04 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2019-03-30 02:06 - 2019-03-30 02:04 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2019-03-30 02:06 - 2019-03-30 02:04 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2019-03-30 02:06 - 2019-03-30 02:04 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services 2019-03-30 02:06 - 2019-03-30 02:04 - 000017346 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2019-03-30 02:06 - 2019-03-30 02:04 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2019-03-30 02:06 - 2019-03-30 02:04 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2019-03-30 02:06 - 2019-03-30 02:04 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2019-03-30 02:06 - 2019-03-30 02:04 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2019-03-30 02:06 - 2019-03-30 02:04 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2019-03-30 02:06 - 2019-03-30 02:04 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2019-03-30 02:06 - 2019-03-30 02:04 - 000000219 _____ C:\WINDOWS\system.ini 2019-03-30 02:06 - 2019-03-30 02:04 - 000000092 _____ C:\WINDOWS\win.ini 2019-03-30 02:06 - 2019-03-30 01:35 - 000000000 ____D C:\WINDOWS\system32\spool 2019-03-30 02:06 - 2019-03-30 01:35 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2019-03-30 02:06 - 2019-03-30 01:27 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-03-30 02:06 - 2019-03-30 01:27 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2019-03-30 02:06 - 2019-03-30 01:24 - 000000000 ____D C:\ProgramData\USOPrivate 2019-03-30 02:04 - 2019-04-19 07:47 - 000000000 ____D C:\WINDOWS\INF 2019-03-30 01:58 - 2019-04-19 03:48 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-03-30 01:52 - 2019-03-30 01:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2019-03-30 01:51 - 2019-04-19 07:40 - 015728640 _____ C:\WINDOWS\system32\config\SYSTEM 2019-03-30 01:51 - 2019-04-19 07:40 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT 2019-03-30 01:51 - 2019-04-19 07:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-03-30 01:51 - 2019-04-19 07:40 - 000049152 _____ C:\WINDOWS\system32\config\SECURITY 2019-03-30 01:51 - 2019-04-19 07:40 - 000032768 _____ C:\WINDOWS\system32\config\SAM 2019-03-30 01:51 - 2019-03-30 08:54 - 000000000 ____D C:\Users\Owner\AppData\Local\MicrosoftEdge 2019-03-30 01:51 - 2019-03-30 02:11 - 000000000 ____D C:\WINDOWS\servicing 2019-03-30 01:51 - 2019-03-30 02:06 - 000000000 ____D C:\WINDOWS\system32\SMI 2019-03-30 01:51 - 2019-03-30 01:36 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2019-03-30 01:51 - 2019-03-30 01:36 - 000000000 ____D C:\WINDOWS\Panther 2019-03-30 01:50 - 2019-03-30 01:50 - 000000000 ____D C:\Users\Owner\AppData\Local\Publishers 2019-03-30 01:49 - 2019-04-02 19:21 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Adobe 2019-03-30 01:49 - 2019-04-02 01:50 - 000000000 ____D C:\Users\Owner\AppData\Local\ConnectedDevicesPlatform 2019-03-30 01:49 - 2019-04-02 01:37 - 000000000 ____D C:\Users\Owner\AppData\Local\Packages 2019-03-30 01:49 - 2019-03-30 01:49 - 000000020 ___SH C:\Users\Owner\ntuser.ini 2019-03-30 01:49 - 2019-03-30 01:49 - 000000000 ____D C:\Users\Owner\AppData\Local\VirtualStore 2019-03-30 01:37 - 2019-04-19 07:47 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-03-30 01:36 - 2019-03-30 01:36 - 000000000 _SHDL C:\Users\Default User 2019-03-30 01:36 - 2019-03-30 01:36 - 000000000 _SHDL C:\Users\All Users 2019-03-30 01:35 - 2019-04-19 05:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-03-30 01:35 - 2019-04-17 22:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-03-30 01:34 - 2019-03-30 01:34 - 000017884 _____ C:\Users\Owner\Desktop\Removed Apps.html 2019-03-30 01:34 - 2019-03-30 01:34 - 000016778 _____ C:\Users\defaultuser0\Desktop\Removed Apps.html 2019-03-30 01:30 - 2019-04-02 08:40 - 000000000 ____D C:\Users\Owner 2019-03-30 01:30 - 2019-04-02 01:40 - 000002367 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-03-30 01:30 - 2019-03-30 01:34 - 000000000 ____D C:\Users\defaultuser0 2019-03-30 01:30 - 2018-04-11 16:34 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-03-30 01:25 - 2019-04-19 05:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2019-03-30 01:25 - 2019-03-30 01:25 - 002033046 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2019-03-30 01:25 - 2019-03-30 01:25 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2019-03-30 01:25 - 2019-03-30 01:25 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2019-03-30 01:25 - 2019-03-30 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-03-30 01:25 - 2019-03-30 01:25 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-03-30 01:25 - 2019-03-30 01:25 - 000000000 ____D C:\Program Files\Realtek 2019-03-30 01:25 - 2019-03-30 01:25 - 000000000 ____D C:\Program Files\Common Files\Atheros 2019-03-30 01:25 - 1999-12-31 17:00 - 000103960 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2019-03-30 01:25 - 1999-12-31 17:00 - 000099864 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2019-03-30 01:24 - 2019-03-30 01:24 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2019-03-30 01:24 - 2019-03-30 01:24 - 000000000 ____D C:\ProgramData\USOShared 2019-03-30 01:24 - 2019-03-30 01:24 - 000000000 ____D C:\Program Files\Intel 2019-03-30 01:24 - 2019-03-30 01:24 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2019-03-30 01:24 - 2018-04-11 16:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2019-03-30 01:21 - 2019-04-19 07:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-03-30 01:21 - 2019-04-19 05:09 - 000234720 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-03-30 00:42 - 2019-03-30 02:20 - 000000000 ___HD C:\$SysReset 2019-03-29 23:47 - 2019-03-30 02:26 - 000001109 _____ C:\Users\Owner\Desktop\BEHRINGER_2902_X64_2.8.40.zip - Shortcut.lnk 2019-03-29 23:46 - 2019-03-29 23:46 - 000841555 _____ C:\Users\Owner\Downloads\BEHRINGER_2902_X64_2.8.40 (1).zip 2019-03-29 21:56 - 2019-03-29 21:56 - 000293147 _____ C:\Users\Owner\Downloads\sfcinst.html 2019-03-29 21:56 - 2019-03-29 21:56 - 000000000 ____D C:\Users\Owner\Downloads\sfcinst_files 2019-03-29 19:15 - 2019-03-29 19:16 - 000000000 ____D C:\9d3970e300d67de88fd5412504aa 2019-03-29 01:48 - 2019-03-14 07:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-03-29 01:48 - 2019-03-14 07:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2019-03-29 01:48 - 2019-03-14 07:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll 2019-03-29 01:48 - 2019-03-14 07:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-03-29 01:48 - 2019-03-14 07:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2019-03-29 01:48 - 2019-03-14 07:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys 2019-03-29 01:48 - 2019-03-14 07:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe 2019-03-29 01:48 - 2019-03-14 07:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll 2019-03-29 01:48 - 2019-03-14 07:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll 2019-03-29 01:48 - 2019-03-14 07:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2019-03-29 01:48 - 2019-03-14 07:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2019-03-29 01:48 - 2019-03-14 07:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll 2019-03-29 01:48 - 2019-03-14 07:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-03-29 01:48 - 2019-03-14 06:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll 2019-03-29 01:48 - 2019-03-14 06:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe 2019-03-29 01:48 - 2019-03-14 06:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2019-03-29 01:48 - 2019-03-14 06:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll 2019-03-29 01:48 - 2019-03-14 06:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2019-03-29 01:48 - 2019-03-14 06:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll 2019-03-29 01:48 - 2019-03-14 01:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2019-03-29 01:48 - 2019-03-14 01:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-03-29 01:48 - 2019-03-14 01:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-03-29 01:48 - 2019-03-14 01:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll 2019-03-29 01:48 - 2019-03-14 01:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-03-29 01:48 - 2019-03-14 01:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-03-29 01:48 - 2019-03-14 01:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2019-03-29 01:48 - 2019-03-14 01:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2019-03-29 01:48 - 2019-03-14 01:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-03-29 01:48 - 2019-03-14 01:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll 2019-03-29 01:48 - 2019-03-14 01:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-03-29 01:48 - 2019-03-14 01:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-03-29 01:48 - 2019-03-14 01:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-03-29 01:48 - 2019-03-14 01:26 - 001457576 ____N (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-03-29 01:48 - 2019-03-14 01:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-03-29 01:48 - 2019-03-14 01:26 - 001140984 ____N (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-03-29 01:48 - 2019-03-14 01:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2019-03-29 01:48 - 2019-03-14 01:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-03-29 01:48 - 2019-03-14 01:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2019-03-29 01:48 - 2019-03-14 01:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys 2019-03-29 01:48 - 2019-03-14 01:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-03-29 01:48 - 2019-03-14 01:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-03-29 01:48 - 2019-03-14 01:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-03-29 01:48 - 2019-03-14 01:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-03-29 01:48 - 2019-03-14 01:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-03-29 01:48 - 2019-03-14 01:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2019-03-29 01:48 - 2019-03-14 01:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll 2019-03-29 01:48 - 2019-03-14 01:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-03-29 01:48 - 2019-03-14 01:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-03-29 01:48 - 2019-03-14 01:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-03-29 01:48 - 2019-03-14 01:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-03-29 01:48 - 2019-03-14 01:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2019-03-29 01:48 - 2019-03-14 01:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll 2019-03-29 01:48 - 2019-03-14 01:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll 2019-03-29 01:48 - 2019-03-14 01:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-03-29 01:48 - 2019-03-14 01:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-03-29 01:48 - 2019-03-14 01:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2019-03-29 01:48 - 2019-03-14 01:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
  1. Load more activity
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.