Jump to content

jseoung

Members
 View Profile  See their activity

  • Posts

    11

  • Joined

  • Last visited

 Content Type 

Everything posted by jseoung

  1. jseoung
    # DelFix v1.013 - Logfile created 13/04/2018 at 21:10:56 # Updated 17/04/2016 by Xplode # Username : John - JOHN-PC # Operating System : Windows 10 Pro (64 bits) ~ Activating UAC ... OK ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\Users\John\Desktop\Rkill.txt Deleted : C:\Users\John\Downloads\AdwCleaner.exe Deleted : C:\Users\John\Downloads\Fixlog.txt Deleted : C:\Users\John\Downloads\FRST64.exe Deleted : C:\Users\John\Downloads\RogueKiller_portable32.exe Deleted : C:\Users\John\Downloads\RogueKiller_portable64.exe ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #18 [Windows Update | 04/14/2018 00:41:52] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  2. jseoung
    Everything is good. Thanks for your help!!!
  3. jseoung
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018 Ran by John (09-04-2018 18:39:22) Running from E:\ Windows 10 Pro Version 1709 16299.309 (X64) (2018-01-26 06:08:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-2633733505-2947214174-3764764193-1004 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-2633733505-2947214174-3764764193-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2633733505-2947214174-3764764193-503 - Limited - Disabled) Guest (S-1-5-21-2633733505-2947214174-3764764193-501 - Limited - Disabled) John (S-1-5-21-2633733505-2947214174-3764764193-1000 - Administrator - Enabled) => C:\Users\John WDAGUtilityAccount (S-1-5-21-2633733505-2947214174-3764764193-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe) Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.52.9015 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BitTorrent (HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\BitTorrent) (Version: 7.10.0.44091 - BitTorrent Inc.) bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform) Cisco Packet Tracer 6.2 Student (HKLM-x32\...\Cisco Packet Tracer 6.2 Student_is1) (Version: - Cisco Systems, Inc.) Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix) Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden Core Temp 1.11 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.11 - ALCPU) CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment) digiCamControl (HKLM-x32\...\{19D12628-7654-4354-A305-9AB0B32AF677}) (Version: 2.0.0.0 - Duka Istvan) Discord (HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\Discord) (Version: 0.0.300 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit) EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.16.1117 - GIGABYTE) Hidden EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.16.1117 - GIGABYTE) EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.17.0327 - GIGABYTE) Hidden EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.17.0327 - GIGABYTE) Epic Games Launcher (HKLM-x32\...\{8F89B0CF-8144-43EE-AB9F-B7F8F23D85FB}) (Version: 1.1.135.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FortiClient (HKLM\...\{D31863C4-DE3E-4430-92F6-9BC6B296E9BF}) (Version: 5.6.0.1075 - Fortinet Inc) Geeks3D FurMark 1.18.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D) Gigabyte Speed v10.10 (HKLM\...\Gigabyte Speed) (Version: 10.10 - cFos Software GmbH, Bonn) GNS3 2.0.3 (HKLM-x32\...\GNS3) (Version: 2.0.3 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden GoPro for Desktop (HKLM-x32\...\{88734dc7-c200-4ad3-b29f-bb5e436cb30f}) (Version: 1.4.0.2733 - GoPro, Inc.) GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.16.1116.1 - GIGABYTE) Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel) iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.) Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation) KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 2.6.5.1762 - Kakao Corp.) KeepVid Pro(Build 7.0.0.9) (HKLM-x32\...\KeepVid Pro_is1) (Version: 7.0.0.9 - KeepVid Studio) kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.) Magic Bullet Suite 32-bit (HKLM-x32\...\{CCB723A5-68AA-48C5-9176-FD813D6AEC89}) (Version: 11.4.4 - Red Giant) Hidden Magic Bullet Suite 32-bit (HKLM-x32\...\InstallShield_{CCB723A5-68AA-48C5-9176-FD813D6AEC89}) (Version: 11.4.4 - Red Giant) Magic Bullet Suite 64-bit (HKLM\...\{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant) Hidden Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{E7676EF4-3896-4B7E-B030-1356EEC477CE}) (Version: 11.4.4 - Red Giant) Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes) McAfee Multi Access - Total Protection (PC) (HKLM-x32\...\MSC) (Version: 16.0 R8 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.183 - McAfee, Inc.) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Azure PowerShell - September 2016 (HKLM-x32\...\{2BB9FB28-90ED-4A6F-98A6-D27D94218C10}) (Version: 3.0.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8431.2236 - Microsoft Corporation) Microsoft Online Services Sign-in Assistant (HKLM\...\{D8AB93B0-6FBF-44A0-971F-C0669B5AE6DD}) (Version: 7.250.4556.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla) NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation) NVIDIA 3D Vision Driver 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.65 - NVIDIA Corporation) NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation) NVIDIA Graphics Driver 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden Oracle VM VirtualBox 5.1.10 (HKLM\...\{57682F33-488A-4065-8255-C3681A2B6F4E}) (Version: 5.1.10 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.15.44004 - Electronic Arts, Inc.) PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder) Skype Web Plugin (HKLM-x32\...\{AC7406B6-BB3B-4CD1-AEBA-0527B9CB16FE}) (Version: 7.27.0.105 - Skype Technologies S.A.) Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.) Speedtest by Ookla (HKLM\...\{4CB99888-11EE-4B49-BC91-447FF7FCD975}) (Version: 1.0.14.001 - Ookla) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.95388 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software) Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft) VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden VTuner (HKLM-x32\...\{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.16.0503 - GIGABYTE) Hidden VTuner (HKLM-x32\...\InstallShield_{C381226E-C402-4976-9411-54282F1396D3}) (Version: 1.16.0503 - GIGABYTE) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden WD Access (HKLM-x32\...\{046643f7-6206-46bb-8968-92c37fee39e0}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc.) WD Access (HKLM-x32\...\{C0624809-D60D-4AFF-8AF3-9452125AF4C1}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc) Hidden WhatsApp (HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\WhatsApp) (Version: 0.2.8082 - WhatsApp) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs) Windows Azure Active Directory Module for Windows PowerShell (HKLM\...\{43CC9C53-A217-4850-B5B2-8C347920E500}) (Version: 1.0.0 - Microsoft Corporation) Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.81 Build 10 Beta - Windscribe Limited) WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2633733505-2947214174-3764764193-1000_Classes\CLSID\{58743271-597A-401B-AF4A-1450179151C0}\InprocServer32 -> C:\Users\John\AppData\Local\SkypePlugin\7.27.0.105\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-2633733505-2947214174-3764764193-1000_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\John\AppData\Local\SkypePlugin\7.27.0.105\EdgeCalling.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-2633733505-2947214174-3764764193-1000_Classes\CLSID\{D0FC4B60-C60D-4908-8365-0C64C03E0291}\localserver32 -> C:\Users\John\AppData\Local\SkypePlugin\7.27.0.105\GatewayVersion-x64.exe (Skype Technologies S.A.) ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-06-15] (Fortinet Inc.) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-01-25] (McAfee, Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-03] (NVIDIA Corporation) ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-06-15] (Fortinet Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2018-01-25] (McAfee, Inc.) ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08609B67-81E9-4D37-ACA7-8492F0C32A7E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {14CDEFA6-F406-4B18-A054-FE3C44DDA32C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {15FF3A3B-9E10-4898-AC25-D6C916C11D1A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] () Task: {186403B1-48F9-4E8C-A79E-FF90B0C19527} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-03] (NVIDIA Corporation) Task: {21011EC8-5D89-4A17-9D2E-6358DC6C0177} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-03] (NVIDIA Corporation) Task: {2652A132-DD67-458E-8B32-24364D975F68} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {27B0B55E-2C17-4AD4-AC8A-2F6CC2221587} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {28C35EC8-DFD7-40F0-9EDF-A650089708AF} - System32\Tasks\vala => C:\Program Files (x86)\Receptionists\entomology.exe Task: {2EAE6F73-2F8F-41CE-ADFB-504092905E0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {324E32EC-178E-44A7-B3E3-961DC882D669} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {33DD9365-3917-492A-91BB-883BFC4AC6F1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {365BF807-8A6B-4E3D-9509-FF12E39EDCC6} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3D2A922E-9E26-4D92-A68A-AF4A1A8DD8E9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-03] (NVIDIA Corporation) Task: {3DD6C062-7FDE-4538-B6E5-EDD36E63681E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-03] (NVIDIA Corporation) Task: {45D0EC31-B313-4D64-98BB-56C0E5DD2218} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {47C19E35-3D00-4052-812A-59854E27EE09} - System32\Tasks\elliott_fi => C:\Program Files (x86)\Engl\entomology.exe Task: {4CA0A173-562C-4236-A7A1-DA6EBA636B7C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-03] (NVIDIA Corporation) Task: {4D5925CB-E5E1-44C7-9FE6-D036EBD4FDF2} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {4FB83173-C29F-40DC-915A-C5B155C87D51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated) Task: {5347258F-D361-4334-9B52-E882D86832F3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2633733505-2947214174-3764764193-1004 => C:\Users\John\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {562F8A6F-AA34-4F4A-83B8-C7BF52C02A95} - System32\Tasks\Driver Booster SkipUAC (John) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit) Task: {5674B168-4DB0-4BDA-88A8-0C67CB78C412} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-17] (Microsoft Corporation) Task: {56E0894D-D560-4B2D-82F5-BCA6ED86DAB1} - System32\Tasks\Savalavala => C:\Program Files (x86)\Receptionists\entomology.exe Task: {5EEA1D17-AE7A-4E23-8AAB-6F938A649878} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6A7A0358-4BF7-4D41-A00E-68A71B3B791D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-03] (NVIDIA Corporation) Task: {6C416475-F818-4ABC-ACFA-4191AC8C0502} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6D9F01D1-A7DC-44B0-83E4-1FEB73347BAA} - System32\Tasks\Saelliott_fielliott_fi => C:\Program Files (x86)\Engl\entomology.exe Task: {6F0B9C1D-7DBF-480B-906D-18B216ECD880} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {771F787E-BAA6-4E46-98E2-8F2110A1F538} - System32\Tasks\dirks flatbush => C:\Program Files (x86)\Engl\blokes.exe Task: {7EBB0F0C-6520-469C-83A0-711CC82A3163} - System32\Tasks\Samolar-rosemountmolar-rosemount => C:\Program Files (x86)\verde\blokes.exe Task: {802568FC-B862-49E2-A135-A1538769E920} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-17] (Microsoft Corporation) Task: {866EC64C-C336-4F34-9062-87E84466E5E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-19] (Google Inc.) Task: {87F67A4E-AFEE-495A-91A9-6218F2BA6C14} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-19] (Google Inc.) Task: {8A06A1A4-BD19-46C2-B6B9-1CF234E34DBA} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe [2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {8ADBC2EC-8BD8-45DE-B441-6B945488DBC6} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {8D4EC33D-DE20-48FE-8AD3-D3DAC98A3AC2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {9061874B-1FBE-4211-A2D8-15530396D8F8} - \{080C7847-787D-0B0E-7911-0C090F7E110C} -> No File <==== ATTENTION Task: {93ADA230-5815-4152-BE47-DDBC42EB83A1} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe Task: {94D2ADE3-9469-48C3-B909-53C5B80EB9EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-17] (Microsoft Corporation) Task: {97703B0B-2424-4641-AB3F-D9FC3C236B20} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation) Task: {9868CA04-CCDC-4DD7-888C-6D39B4080E1B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9AF09B2A-41F0-413A-9507-9B10D00B3D29} - System32\Tasks\molar-rosemount => C:\Program Files (x86)\verde\blokes.exe Task: {9E07E46D-41A6-4625-9E09-DCEB48010772} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-03] (NVIDIA Corporation) Task: {A18D1D75-4CB1-41BE-BE11-2D5EC9850611} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A3B0910C-C792-464B-B4E4-47B9A296B3C7} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\John\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B20177D1-EE8A-4035-80DB-3B8555E8E5E7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-03] (NVIDIA Corporation) Task: {B38EADAA-FBBE-4A90-BAE4-3F6BCC5C5BC7} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Task: {BA1402F3-F69B-4FFD-9EEE-DE5DA371F0F6} - System32\Tasks\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.5.243\mcdatrep.exe [2018-03-17] (McAfee, LLC.) Task: {BDAB0432-190B-4949-9516-92C0DB5AD09A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2633733505-2947214174-3764764193-1000 => C:\Users\John\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {BF62C646-A79E-4537-8BCE-9F1D73743099} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd) Task: {C1B0BF88-D716-488B-9226-E2F55AA58EF1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {D2FF959D-70F4-4E61-93A8-C6862096B19C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation) Task: {D38F6D37-7DAD-4140-A602-7D1E63B05D62} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D7119DF8-AD43-44E6-AA63-660BD22F5E01} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe Task: {DA8C18C2-E76F-4889-AC5C-EE560C661C04} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-23] () Task: {E4B9232B-DA2C-4E83-B926-834A5D18FE7F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E672AC60-DAD8-432B-850A-F9C61A1D87D6} - System32\Tasks\Sadirks flatbushdirks flatbush => C:\Program Files (x86)\Engl\blokes.exe Task: {F3D3B1F1-84D0-4BDC-887F-2981EA95FCCB} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F65143C3-1847-4CA4-9D54-76158F7DD58D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FF60E793-78BF-4EDC-A91C-8E74B9FBFB00} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\McAfee Remediation (Prepare).job => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe Task: C:\WINDOWS\Tasks\McAfeeLogon.job => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\ARC Welder (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=emfinbmielocnlhgmfkkmkngdoccbadn ShortcutWithArgument: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\TeamViewer (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo ==================== Loaded Modules (Whitelisted) ============== 2018-01-26 02:52 - 2018-01-03 21:44 - 000544056 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll 2017-11-15 11:13 - 2017-05-26 08:47 - 000090096 _____ () C:\WINDOWS\System32\cpwmon64_v32.dll 2018-01-26 02:52 - 2018-01-03 21:44 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-07-28 18:09 - 2017-09-04 14:08 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe 2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-05 19:17 - 2016-10-05 19:17 - 001353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-01-26 00:21 - 2017-11-29 10:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-01-26 01:38 - 2018-01-26 03:28 - 000445672 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe 2018-03-17 17:15 - 2018-01-05 17:39 - 001707032 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll 2018-03-17 17:15 - 2018-01-05 17:39 - 000572776 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll 2017-03-16 18:15 - 2017-03-16 18:15 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe 2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-01-26 02:51 - 2018-01-03 19:50 - 000134448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-09-28 10:36 - 2018-01-23 19:13 - 008929480 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2018-03-13 21:21 - 2018-02-21 20:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-03-13 21:21 - 2018-02-21 20:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-03-06 20:07 - 2015-03-06 20:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2017-10-19 23:29 - 2017-10-19 23:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-06 20:07 - 2015-03-06 20:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2017-10-19 23:29 - 2017-10-19 23:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2017-10-19 23:02 - 2017-10-19 23:02 - 000077824 _____ () C:\Program Files\Logitech Gaming Software\LAClient\zlib.dll 2017-10-19 23:02 - 2017-10-19 23:02 - 000144896 _____ () C:\Program Files\Logitech Gaming Software\LAClient\libssh2.dll 2018-01-26 01:38 - 2018-01-26 03:28 - 000734440 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe 2018-04-06 16:44 - 2018-04-06 16:44 - 000178688 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-03-09 17:51 - 2018-03-09 17:51 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-04-06 16:44 - 2018-04-06 16:44 - 007917056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2018-03-23 22:19 - 2018-03-23 22:19 - 004330496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.1000_x64__8wekyb3d8bbwe\Calculator.exe 2018-03-12 23:10 - 2018-03-12 23:11 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.1000_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2017-06-15 13:46 - 2017-06-15 13:46 - 000557376 _____ () C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll 2015-02-17 02:47 - 2015-02-17 02:47 - 000105472 _____ () C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\ycc.dll 2018-01-26 02:52 - 2018-01-03 21:44 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-03-06 10:18 - 2018-03-06 10:18 - 080302992 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\libcef.dll 2018-03-17 10:32 - 2018-03-17 10:32 - 001754296 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\tmpod.dll 2016-09-28 10:33 - 2018-03-17 10:32 - 001009840 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll 2018-03-06 10:18 - 2018-03-06 10:18 - 003734416 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\libglesv2.dll 2018-03-06 10:18 - 2018-03-06 10:18 - 000088464 _____ () C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\John\AppData\Local\Temp:$DATA [16] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\sharepoint.com -> hxxps://avertnetworkservices-files.sharepoint.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2018-03-17 15:06 - 000000885 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 wildixintegration.eu ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: NETGEARGenieDaemon => 3 MSCONFIG\Services: OpenVpnService => 3 MSCONFIG\Services: OpenVPNServiceInteractive => 2 MSCONFIG\Services: OpenVPNServiceLegacy => 3 MSCONFIG\Services: SDScannerService => 2 MSCONFIG\Services: SDUpdateService => 2 MSCONFIG\Services: SDWSCService => 2 MSCONFIG\Services: tvnserver => 2 MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup MSCONFIG\startupreg: AceStream => C:\Users\John\AppData\Roaming\ACEStream\engine\ace_engine.exe MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: BitTorrent => "C:\Users\John\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Discord => C:\Users\John\AppData\Local\Discord\app-0.0.296\Discord.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KakaoTalk => "D:\KakaoTalk\KakaoTalk.exe" -bystartup MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe MSCONFIG\startupreg: NETGEARGenie => "D:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect MSCONFIG\startupreg: OPENVPN-GUI => d:\Program Files\OpenVPN\bin\openvpn-gui.exe MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spotify => "C:\Users\John\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\John\AppData\Roaming\Spotify\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave MSCONFIG\startupreg: WDAppManager => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe MSCONFIG\startupreg: Windscribe => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart MSCONFIG\startupreg: WIService => C:\Program Files (x86)\Wildix\WIService\WIService.exe HKLM\...\StartupApproved\Run: => "GoPro Tray App" HKLM\...\StartupApproved\Run: => "shortlistingshortlisting" HKLM\...\StartupApproved\Run: => "shortlisting" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{FDDF2466-2A62-4D20-A1B7-C3D3E26EC42B}] => (Allow) LPort=9009 FirewallRules: [{5CA58435-DECF-4E99-9230-82653BD35C8A}] => (Allow) LPort=9009 FirewallRules: [{848F2761-097C-47DB-AEAD-A44808E03256}] => (Allow) LPort=9009 FirewallRules: [{19276DF5-0E14-426C-9C0C-A968016DB5A5}] => (Allow) LPort=9009 FirewallRules: [{17C4075F-6565-4E1A-8C66-13CB7440DBDC}] => (Allow) LPort=9009 FirewallRules: [{B32525C9-5898-4B1A-BFA1-85B01B9E6A2C}] => (Allow) LPort=9009 FirewallRules: [{ACCDD930-315A-44B4-9989-1F5BE977114E}] => (Allow) LPort=9009 FirewallRules: [{B77C637F-1B98-4BF3-96EA-32E0648B5B60}] => (Allow) LPort=9009 FirewallRules: [{2C8B27BF-9301-4B3B-8A9E-63FB33E61D39}] => (Allow) LPort=9009 FirewallRules: [{3A660685-379A-40CD-82D7-5139A5ADB420}] => (Allow) LPort=9009 FirewallRules: [{CCE4DEE6-AFCB-452E-9CA5-2EDCD2C2929A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe FirewallRules: [{228A6991-F423-4988-8C69-F000E40AB387}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\AutoUpdate.exe FirewallRules: [{29D54496-96E0-480C-87D4-188053837EDA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe FirewallRules: [{0A8C9E46-5A67-4135-A06A-AFC9D31BA22E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DBDownloader.exe FirewallRules: [{35EF645A-059C-4800-A794-6DA22DF0758B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe FirewallRules: [{859FA650-F3A5-4F3B-8E8C-C22B016F5797}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe FirewallRules: [{4FE11EE4-8B71-4E8B-9834-636165A9720F}] => (Allow) LPort=9009 FirewallRules: [{52462422-08BB-448B-848E-519EE15B10A2}] => (Allow) LPort=9009 FirewallRules: [{727018FF-B349-4A73-9F6F-298028707E40}] => (Allow) LPort=9009 FirewallRules: [{AEA4A9B2-08EB-4098-8A6D-BB5B0EAFF06C}] => (Allow) LPort=9009 FirewallRules: [{1066BEE4-91AF-4004-A52F-496677E4C1C1}] => (Allow) LPort=9009 FirewallRules: [{410E113C-4E98-43CC-B2D9-9E1A24DBE5CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{3481A25F-9EFC-4DF3-9E9D-8A88D9FD1EDA}] => (Allow) LPort=9009 FirewallRules: [{0C288F97-7E3C-4C55-88B7-58FDE01B3423}] => (Allow) LPort=9009 FirewallRules: [{42F183E7-4AF5-4108-B5CE-F3F1A527EB7B}] => (Allow) LPort=9009 FirewallRules: [{97F3AFC6-2759-4CE5-9D33-4C1C5A37FB43}] => (Allow) LPort=9009 FirewallRules: [{5D298F07-ABA9-48AD-9B0A-96F8002E9859}] => (Allow) LPort=9009 FirewallRules: [{65CB6EE0-766C-4B58-B0B2-D352184BAB1E}] => (Allow) LPort=9009 FirewallRules: [{87F3DC62-4527-4A48-B55F-15D2DF5F7FD9}] => (Allow) LPort=9009 FirewallRules: [{B2A4B635-D19B-4DA1-B7C1-662DFFC3BC80}] => (Allow) LPort=9009 FirewallRules: [{2DF907F0-ACC6-4FAC-9F4C-68F6A027E7C9}] => (Allow) LPort=9009 FirewallRules: [{2D85917E-93AC-47BA-8B88-346E2F797286}] => (Allow) LPort=9009 FirewallRules: [{FB0FB7C8-23FA-4A34-A880-FF9538024611}] => (Allow) LPort=9009 FirewallRules: [{DDE44428-09CF-4749-94FB-99F66E525136}] => (Allow) LPort=9009 FirewallRules: [{6E6DE7FE-86F5-4957-9B39-19FBD1195EC2}] => (Allow) LPort=9009 FirewallRules: [{4815C79A-10AE-4C32-9C2D-5A33B34947D0}] => (Allow) LPort=9009 FirewallRules: [{91E601D0-E117-4405-A8AB-C4D2E8BAEC99}] => (Allow) LPort=9009 FirewallRules: [{6CE31966-2486-4EA6-9ABB-A1C3637C932E}] => (Allow) LPort=9009 FirewallRules: [{A568DEE7-8AFC-43D6-8ADD-9FC144CC1DD4}] => (Allow) LPort=9009 FirewallRules: [{61726FD9-4EF8-4265-98F4-433A8073E26D}] => (Allow) LPort=9009 FirewallRules: [{1C7AC402-F6ED-4047-AFB5-A51ABD15DB4F}] => (Allow) LPort=9009 FirewallRules: [{DD8718BD-A653-497A-9E6C-CC013F04F30A}] => (Allow) LPort=9009 FirewallRules: [{54AD5138-C900-4972-B9A3-CD492760C33D}] => (Allow) LPort=9009 FirewallRules: [{42D41F99-E582-4682-B612-1A6BCD9A7E00}] => (Allow) LPort=9009 FirewallRules: [{8A550B11-A737-4191-BBBE-E54F801D919C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe FirewallRules: [{C7D31F69-62B5-43EB-B184-09756ABCEE54}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe FirewallRules: [{2BCA7412-3BDC-4683-869D-24D7BD7BAFC0}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe FirewallRules: [{492E0374-371D-4F61-93A3-397EA2DE1ADC}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe FirewallRules: [{A10A84E6-6AC8-4C45-B83F-A91C152A4E56}] => (Allow) LPort=9009 FirewallRules: [{16C87B1F-3E19-41A2-99C7-ECD999D81CC4}] => (Allow) LPort=9009 FirewallRules: [{CA96C3A9-EBE7-4988-9AD9-3324E586C705}] => (Allow) LPort=9009 FirewallRules: [{077F95D5-C690-4CD9-81B9-0AA5AB82B3A9}] => (Allow) LPort=9009 FirewallRules: [{5B62D3CF-0D8E-42E1-8699-C077D5CA1790}] => (Allow) LPort=9009 FirewallRules: [{D26EAACB-DFC4-4792-98D4-7202B6061F59}] => (Allow) LPort=9009 FirewallRules: [{279095B8-3CB8-4541-B544-B1D09657C6BB}] => (Allow) LPort=9009 FirewallRules: [{A92401C6-CFB1-4277-A623-46571FD95E65}] => (Allow) LPort=9009 FirewallRules: [{9D0B06E4-D8D0-4BB6-89EB-FCB2A10DE71E}] => (Allow) LPort=9009 FirewallRules: [{1082763E-18AD-434E-93BE-671418722A9C}] => (Allow) LPort=9009 FirewallRules: [{BB6CC69F-6C37-416C-810E-FBBCCDF3F818}] => (Allow) LPort=9009 FirewallRules: [{ED7C522D-F410-4295-8A81-A0ED42F2BC18}] => (Allow) LPort=9009 FirewallRules: [{BF8AD9BE-8E5D-4907-AE98-9A0798515244}] => (Allow) LPort=9009 FirewallRules: [{66AAF3FC-E99E-468D-ADD8-0AD6F06FFB0C}] => (Allow) LPort=9009 FirewallRules: [{C1EDD2F3-E045-4068-BCCC-1819EF25FAA6}] => (Allow) LPort=9009 FirewallRules: [{B3F4FBEC-019B-4111-A0C8-651231648086}] => (Allow) LPort=9009 FirewallRules: [{997138FD-9AC3-4BE4-98B8-4FA0CEE3BEA0}] => (Allow) LPort=9009 FirewallRules: [{7BF3807A-6924-4488-8106-0E0EA8678F0A}] => (Allow) LPort=9009 FirewallRules: [{57B26664-9F52-4CAF-858A-CFF0276D2982}] => (Allow) C:\Users\John\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{99B65881-72AC-4E01-9CED-E0AC00B85A02}] => (Allow) C:\Users\John\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{01E61628-A027-4C47-B279-513FE9248894}] => (Allow) LPort=9009 FirewallRules: [{913261C1-F87A-43ED-9F58-576686752D66}] => (Allow) LPort=9009 FirewallRules: [{4421C37D-389F-443E-9170-476AA6FEA77B}] => (Allow) D:\Program Files\Battlefield 1\bf1.exe FirewallRules: [{3D8A9588-35CD-4D58-826F-F73CD84CF699}] => (Allow) D:\Program Files\Battlefield 1\bf1.exe FirewallRules: [{6C328E8F-5663-476A-A9AE-4F593073F555}] => (Allow) D:\Program Files\Battlefield 1\bf1Trial.exe FirewallRules: [{18F0E3E8-2C12-4F8F-BCA2-08F0E1C2791D}] => (Allow) D:\Program Files\Battlefield 1\bf1Trial.exe FirewallRules: [{4B1E995A-CC9C-474F-B84A-2816D4B2D17A}] => (Allow) LPort=9009 FirewallRules: [{FCBE51DC-0983-4C1A-8846-0A8D9FCC6188}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6379DAB2-CC6C-4388-99A7-85137090064C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FF2C4EF5-B610-48BF-9873-F2279941BF4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{3DF4F109-4B73-41E4-A5BC-14674639AAB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1A847D48-3F03-4E04-BBC4-F6CDAF7E8AB1}] => (Allow) LPort=9009 FirewallRules: [{80632598-5A4D-4815-982B-2A7688CC900F}] => (Allow) LPort=9009 FirewallRules: [{B93C8461-789A-4724-8357-CED62482FC4C}] => (Allow) LPort=9009 FirewallRules: [{A9553D3D-E9D6-4291-84ED-DE50D9F3BA67}] => (Allow) LPort=9009 FirewallRules: [{1F1ADF05-FDC6-49BB-A892-753DFCB2D89B}] => (Allow) LPort=9009 FirewallRules: [{BE0FF0DB-FBA7-4C43-97F5-EC9A0AC9F3DD}] => (Allow) LPort=9009 FirewallRules: [{DA2CDBD1-680C-4F78-A19F-2904C697012E}] => (Allow) D:\SteamLibrary\steamapps\common\Wildlands\GRW.exe FirewallRules: [{AEABE4DB-2D35-4F8D-8F61-03A3AD9896E1}] => (Allow) D:\SteamLibrary\steamapps\common\Wildlands\GRW.exe FirewallRules: [{3F3C58A0-2236-4F7A-9E72-7F55D22FB0B4}] => (Allow) LPort=9009 FirewallRules: [{4AF1C1BA-74AC-4722-910A-DFC39FB17130}] => (Allow) LPort=9009 FirewallRules: [{958A27A2-1610-406F-AEF6-F8FE5A7B27BF}] => (Allow) D:\Program Files\Battlefield 1\bf1.exe FirewallRules: [{DA22824B-AEC2-4EF2-A043-34A14593002F}] => (Allow) D:\Program Files\Battlefield 1\bf1.exe FirewallRules: [{594CBD1F-A5FC-4E9D-90FA-B8EB940F93C8}] => (Allow) D:\Program Files\Battlefield 1\bf1Trial.exe FirewallRules: [{5E8D678A-8E9B-40B7-984E-5298F29AFB87}] => (Allow) D:\Program Files\Battlefield 1\bf1Trial.exe FirewallRules: [{9E8405C9-F2B6-4907-B1BC-917998A20D33}] => (Allow) D:\SteamLibrary\steamapps\common\This War of Mine\Storyteller.exe FirewallRules: [{71E29606-F344-48DE-972D-C3DE1E824777}] => (Allow) D:\SteamLibrary\steamapps\common\This War of Mine\Storyteller.exe FirewallRules: [{D70D19D4-E80F-447D-8E34-DD64AF9EB600}] => (Allow) D:\SteamLibrary\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{3B5E73C9-2396-4C21-B9B0-E36A2A991235}] => (Allow) D:\SteamLibrary\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{B7AAD9E2-A793-43BD-A387-B5350A2D4772}] => (Allow) LPort=9009 FirewallRules: [{9618F81D-620D-43E6-860A-B82B2EB8B067}] => (Allow) LPort=9009 FirewallRules: [{C25DB818-5877-4BF1-A0DC-782A93F9723A}] => (Allow) LPort=9009 FirewallRules: [{F7F65EB3-925C-48DF-A578-5994AFE633FB}] => (Allow) LPort=9009 FirewallRules: [{BC6D1D77-0B2E-427E-BD6E-7B9A0057DDB1}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe FirewallRules: [{4BD24DE1-5670-475B-95A2-561718EE1DA9}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe FirewallRules: [{E15CE0AC-4CF1-473D-8DC7-52202A0BACCD}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe FirewallRules: [{2912BF71-88AA-4D58-A531-C9F1A90FC724}] => (Allow) LPort=9009 FirewallRules: [{B7566405-5950-413A-8DDA-02284ED8506F}] => (Allow) LPort=9009 FirewallRules: [{4967752A-813E-48C9-8430-0FF50A4CD660}] => (Allow) LPort=9009 FirewallRules: [{BE234A33-8E99-4D60-9FEB-98AD875F53F2}] => (Allow) LPort=9009 FirewallRules: [{66BDBF5F-A279-4B13-A895-32EFF48FBFD0}] => (Allow) LPort=9009 FirewallRules: [{D01E32AE-888C-44E1-AC0B-37A4691CA6C0}] => (Allow) D:\SteamLibrary\steamapps\common\StreetFighterV\StreetFighterV.exe FirewallRules: [{922E1997-03B1-44D9-8966-071A6AC4AE5B}] => (Allow) D:\SteamLibrary\steamapps\common\StreetFighterV\StreetFighterV.exe FirewallRules: [{9A42D3CE-460A-4C12-930F-E8FFE5566170}] => (Allow) LPort=9009 FirewallRules: [{7C70D4DD-6E02-4C06-A861-37A81B5289EE}] => (Allow) LPort=9009 FirewallRules: [{E2EE68B6-0C20-4C83-BD5D-A1486CFE051E}] => (Allow) LPort=9009 FirewallRules: [{73AB9975-DC5E-4692-9612-21F878E6E3F5}] => (Allow) LPort=9009 FirewallRules: [{92B679C8-100E-44EA-90C4-24D425CFDEFA}] => (Allow) LPort=9009 FirewallRules: [{22E865DC-C61F-401A-B552-02F593A179AE}] => (Allow) LPort=9009 FirewallRules: [{1BFA049B-A3F0-4428-99C6-A4AC7483E4CF}] => (Allow) LPort=9009 FirewallRules: [{2453A431-F034-44A8-8157-5C1C6FD54A45}] => (Allow) LPort=9009 FirewallRules: [{7936C00B-920B-4BA4-8209-2F8A4A6593AB}] => (Allow) LPort=9009 FirewallRules: [{EEE8584E-6627-40E6-B6F6-A91DA075220F}] => (Allow) LPort=9009 FirewallRules: [{0344DFC0-8366-4EA0-AA47-C0DD22F3EC70}] => (Allow) LPort=9009 FirewallRules: [{34A42F2D-FC34-4898-AA92-7EF4F6DB9BC7}] => (Allow) LPort=9009 FirewallRules: [{1147404E-E016-4551-BEB2-5ACF0F9D66E2}] => (Allow) LPort=9009 FirewallRules: [{FFC5B758-32C3-4FF9-AFDC-5DB0890241EF}] => (Allow) LPort=9009 FirewallRules: [{9C675892-0EE6-4DDF-B503-CD8EF732EDF5}] => (Allow) LPort=9009 FirewallRules: [{FF6E384D-3A8D-4E94-85B5-9857DF8538E1}] => (Allow) LPort=9009 FirewallRules: [{F3A849D1-09EC-421D-9DD8-034B14B39E40}] => (Allow) LPort=9009 FirewallRules: [{5F2088C2-221E-4156-9DA4-280CEBF5DB4D}] => (Allow) D:\Program Files\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{D363843F-CA0F-4849-877F-501EDB39A5AD}] => (Allow) D:\Program Files\Battlefield 4\BFLauncher_x86.exe FirewallRules: [{B816CD18-5158-4822-AB97-6DF2740C634F}] => (Allow) D:\Program Files\Battlefield 4\BFLauncher.exe FirewallRules: [{0BB57514-890C-4FF9-BDAC-5F21A4D42FDD}] => (Allow) D:\Program Files\Battlefield 4\BFLauncher.exe FirewallRules: [{F21B7B6F-F3DF-43A3-B95D-1BF3A3A7D3CC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8CA31B14-B2F8-4DCC-9CFB-508003DE287C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{EF810448-1B71-4A44-ACB7-1411121C7313}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{22A91F77-ECDB-45C3-A3C0-FFFDF2A82B02}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D8520588-9F0B-4F28-9DF8-E76271D3DF52}] => (Allow) LPort=9009 FirewallRules: [{BE17F8A5-5F88-4AA8-B04A-03ACA82EB054}] => (Allow) LPort=9009 FirewallRules: [{F48C9680-78BA-4CC8-9DF1-E247850FE19B}] => (Allow) LPort=9009 FirewallRules: [{D2BC0637-A403-4843-B2BE-B72E2D0A7667}] => (Allow) LPort=9009 FirewallRules: [{21F7281D-623D-4DD0-8913-7B92D095F5C7}] => (Allow) LPort=9009 FirewallRules: [{04C3882F-5EE6-4934-943C-CE0844EE6683}] => (Allow) LPort=9009 FirewallRules: [{A8E19FBE-DEFA-458E-8697-DD34EE8433CE}] => (Allow) LPort=9009 FirewallRules: [{EB2DB8E6-882E-4CC0-929E-4A2E3183109E}] => (Allow) LPort=9009 FirewallRules: [{2C136998-672B-428C-9841-293917A6D374}] => (Allow) LPort=9009 FirewallRules: [{1BE2478B-1AFE-4AAB-9CB9-2960CE5113B1}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{5C18DEF5-85D2-489A-BBD7-36CACCB56477}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{6F753553-7DA9-4FE4-AA6C-0BD2AB633826}] => (Allow) LPort=9009 FirewallRules: [{46B59612-B6FF-448F-8818-EE15CDB70E2E}] => (Allow) LPort=9009 FirewallRules: [{4B6EA73E-9644-43F8-A42C-CA53A08B73A1}] => (Allow) LPort=9009 FirewallRules: [{1F3BBB26-5417-4606-95A9-C45D99BE4E94}] => (Allow) LPort=9009 FirewallRules: [{4E66BC8E-13AB-4753-8394-EE6FD70B8272}] => (Allow) LPort=9009 FirewallRules: [{4922F4E8-F02F-4B60-BEF3-347D9F8CB242}] => (Allow) LPort=9009 FirewallRules: [UDP Query User{6A5E4907-5370-4EBF-A2AD-45CC56011437}D:\program files\adobe photoshop cs4 (64 bit)\photoshop.exe] => (Allow) D:\program files\adobe photoshop cs4 (64 bit)\photoshop.exe FirewallRules: [TCP Query User{C43CCB41-857E-4D1D-A645-60E8D8B8ADE8}D:\program files\adobe photoshop cs4 (64 bit)\photoshop.exe] => (Allow) D:\program files\adobe photoshop cs4 (64 bit)\photoshop.exe FirewallRules: [{616FA2BA-8BBF-4B43-985B-194626F42B46}] => (Allow) LPort=9009 FirewallRules: [{32847A66-5F9D-41E7-B630-471E82EC5FD8}] => (Allow) LPort=9009 FirewallRules: [{64EF2F78-2DBA-4332-A5BF-DC3E10247621}] => (Allow) LPort=9009 FirewallRules: [UDP Query User{0264CCE5-A973-46C6-88BF-91211B785121}D:\program files\battlefield 4\bf4.exe] => (Allow) D:\program files\battlefield 4\bf4.exe FirewallRules: [TCP Query User{2701FCE5-CD16-43B8-A9CE-7870259D7518}D:\program files\battlefield 4\bf4.exe] => (Allow) D:\program files\battlefield 4\bf4.exe FirewallRules: [{77C8D0B9-6FB6-443C-9954-E514D29A392F}] => (Allow) LPort=9009 FirewallRules: [{9766B4B7-521D-45F0-8BF6-73B972284874}] => (Allow) LPort=9009 FirewallRules: [{A2F5CFA8-069A-4A06-9059-08AA4E4B3A86}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe FirewallRules: [{4B6BC652-2041-4BE1-8708-95DC686873C5}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-x86_64w.exe FirewallRules: [{7A6A84D1-C3AA-43EB-8F34-A02AC44C7964}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe FirewallRules: [{F7B71D61-A747-45BF-90F3-2886EBC6CF83}] => (Allow) C:\Program Files\GNS3\qemu-2.4.0\qemu-system-i386w.exe FirewallRules: [{CC27C1E2-4176-4E4D-B3AC-2ABBA1EBEC64}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe FirewallRules: [{E33C474C-518F-40E0-A1A8-5B393A805002}] => (Allow) C:\Program Files\GNS3\qemu-0.11.0\qemu.exe FirewallRules: [{3BEDEDB7-B346-4B19-A285-6C4CCC088A58}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe FirewallRules: [{558F42DE-4F87-452D-B25E-1B86BE84387B}] => (Allow) C:\Program Files\GNS3\vpcs\vpcs.exe FirewallRules: [{2B7B6D99-EB9D-4C39-8176-D5B75F21F031}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe FirewallRules: [{338EF020-E225-44F8-88C2-A7E9C44CAE58}] => (Allow) C:\Program Files\GNS3\dynamips\dynamips.exe FirewallRules: [{3B306FF9-F371-480A-8508-E9997F0B3673}] => (Allow) C:\Program Files\GNS3\ubridge.exe FirewallRules: [{91D8DA51-E5D9-45FF-BBDA-7C11FF1CD63E}] => (Allow) C:\Program Files\GNS3\ubridge.exe FirewallRules: [{342B5CF9-98F3-494F-88FF-6CC660301FDA}] => (Allow) C:\Program Files\GNS3\gns3server.exe FirewallRules: [{83A238DE-D2E3-4697-9B19-9F4754FDAC27}] => (Allow) C:\Program Files\GNS3\gns3server.exe FirewallRules: [UDP Query User{AF061CF4-6A01-41A6-9ACD-618B2C25F0FC}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe FirewallRules: [TCP Query User{C3D23165-82A9-4C19-941E-F0CD24A0FA92}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe FirewallRules: [{0BE97456-7A3A-4E60-834F-4DA0398E4C4E}] => (Allow) LPort=9009 FirewallRules: [{E8D4684E-F7F4-4C87-A3B3-49609F646839}] => (Allow) LPort=9009 FirewallRules: [UDP Query User{E0648D15-9CE9-4EF0-ADB0-36872023DF35}C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exe FirewallRules: [TCP Query User{A1DFEF8C-61FA-4E66-A316-0365D4BAB852}C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.2sv\bin\packettracer6.exe FirewallRules: [{A061B913-CF59-4076-BE98-A014877F855E}] => (Allow) LPort=9009 FirewallRules: [UDP Query User{EB557669-830C-40C6-B5B7-D6DDB56F6958}D:\kakaotalk\kakaotalk.exe] => (Allow) D:\kakaotalk\kakaotalk.exe FirewallRules: [TCP Query User{597CA111-5B03-457D-9447-C63F60860E9A}D:\kakaotalk\kakaotalk.exe] => (Allow) D:\kakaotalk\kakaotalk.exe FirewallRules: [{93501BE1-3FD0-4895-9CC9-6258B2A36459}] => (Allow) LPort=9009 FirewallRules: [{09661987-3E6D-4A37-A3E8-E920ABE2928B}] => (Allow) LPort=9009 FirewallRules: [{A99B4DC1-407E-410E-A21B-355789251E13}] => (Allow) D:\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{AA381A56-F70D-4458-84D8-7979F84D7FAA}] => (Allow) D:\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{B90547A1-A63C-442B-9AD9-EE61D9F1EBB1}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{A32DEFD3-3F3A-4073-B02E-BC6018EA50A0}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{3A13F073-80EA-4930-AF2A-9B7003D2B23F}] => (Allow) LPort=9009 FirewallRules: [{D7083DF6-C40A-465A-9958-2A56D0A361D9}] => (Allow) LPort=9009 FirewallRules: [{00C3C52A-CF39-4114-8E3B-DB6E6C8C9E46}] => (Allow) LPort=9009 FirewallRules: [{EE46C30C-1C8B-423D-ADAD-EC3E66B48282}] => (Allow) LPort=9009 FirewallRules: [{1C30B4BF-E4B4-4C9C-A24F-447F70E5F9A2}] => (Allow) D:\SteamLibrary\steamapps\common\Shadow Tactics\Shadow Tactics.exe FirewallRules: [{09B7F2C9-04FD-4A94-9073-FEA26CD3B350}] => (Allow) D:\SteamLibrary\steamapps\common\Shadow Tactics\Shadow Tactics.exe FirewallRules: [{819E6B7E-0CC6-428F-B323-3EB49D91CFCB}] => (Allow) LPort=9009 FirewallRules: [{7F27F827-AFAE-482A-AB43-DBEE9372A20C}] => (Allow) LPort=9009 FirewallRules: [{7230EB5F-0440-4B2C-B7B4-F293779CBFFC}] => (Allow) LPort=9009 FirewallRules: [{7DD83496-DB63-41E2-A61F-96664672BD7E}] => (Allow) LPort=9009 FirewallRules: [{23F4EDCC-46BD-42BA-BE56-54ADD1B1B69C}] => (Allow) LPort=9009 FirewallRules: [{2FBFB5EF-DC2B-4A55-8948-03EDB90CB23B}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe FirewallRules: [{9E13102C-6B82-43AC-A307-EAB35FE049AA}] => (Allow) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe FirewallRules: [{875169B9-6737-424B-AFF5-297EA0868AB5}] => (Allow) LPort=9009 FirewallRules: [{3889A69B-E4A4-4D5C-95DE-FF90EE888F40}] => (Allow) LPort=9009 FirewallRules: [{69259A96-EBBA-4FDC-B115-DA2997B86EF3}] => (Allow) LPort=9009 FirewallRules: [{194DF826-B45B-4D89-8931-8799336B73BE}] => (Allow) LPort=9009 FirewallRules: [{F7BC2D91-9110-462D-A929-0914E8C7D1D7}] => (Allow) LPort=9009 FirewallRules: [{10BF0A7F-5EA1-4B82-8056-89A625974624}] => (Allow) LPort=9009 FirewallRules: [{9D8885FC-9116-48A1-BECF-D0EB382FD552}] => (Allow) LPort=9009 FirewallRules: [{FDEECBCE-E10C-43C8-83FD-A142900A78C8}] => (Allow) LPort=9009 FirewallRules: [{385CEBA7-107E-4BE9-A282-3E74F5E9A4B9}] => (Allow) LPort=9009 FirewallRules: [{3949BA37-4E7A-4CFA-B9D1-4600AAE031B3}] => (Allow) LPort=9009 FirewallRules: [{3DC2EB3C-0E65-446E-A9FD-F7A091C9959C}] => (Allow) LPort=9009 FirewallRules: [{39DDD30D-D16D-448C-B824-8586BEF0E22F}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe FirewallRules: [{B196F0B2-BC30-40E8-924E-84604215A592}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe FirewallRules: [{E52420E8-983C-4850-BCF7-FCE7FCF7D620}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{AAF97DD5-6A4C-4161-86BC-FC94F30FCC6D}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe FirewallRules: [{A7CFB130-545B-46C9-A781-76ED7E254458}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{99F90915-AB70-47CD-9D9B-F525A02533E5}] => (Allow) D:\SteamLibrary\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{2B3D3275-9D17-48D7-AC18-C9C426CA553F}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9064B204-7E60-404E-BD2F-EC7B63DB4160}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F9E99EDC-65E9-4F4F-886E-2B0AAFF1E518}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{6C346A10-C120-4489-9B62-0246233978FA}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{4EE1718E-38DF-4D83-9CAD-85A49A832D7E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E2D8B6F4-0E40-4B71-A167-B9A69B4DB34A}] => (Allow) LPort=9009 FirewallRules: [{88B641A3-B2A3-4DFF-B9A6-28392B4087ED}] => (Allow) LPort=9009 FirewallRules: [{29C63961-4E58-4C3E-8B2A-2A913CDE805F}] => (Allow) LPort=9009 FirewallRules: [{EFD0467B-B3F2-48F5-8032-C1172B0AE9F4}] => (Allow) LPort=9009 FirewallRules: [{065CE47A-4FB5-4A6B-BE15-51D7BD636918}] => (Allow) LPort=9009 FirewallRules: [{73E9C25D-9F0F-4D6D-819F-C940ECE56AD8}] => (Allow) LPort=9009 FirewallRules: [{DC2296E9-7046-4EA4-B35D-5CA7E0D0E78F}] => (Allow) LPort=9009 FirewallRules: [{EDADB3E2-2FB2-48EC-A4E9-7F64F0AEE200}] => (Allow) LPort=9009 FirewallRules: [{68A759C2-292B-4706-AF2C-23945DB9865B}] => (Allow) LPort=9009 FirewallRules: [{7B9CD909-B2E5-40A7-AA1F-A37D1707889C}] => (Allow) LPort=9009 FirewallRules: [{3011FE4E-F92D-4A7F-AC13-1504709C76CF}] => (Allow) LPort=9009 FirewallRules: [{6AE35228-80A8-4EE5-8625-599345DAF43C}] => (Allow) LPort=9009 FirewallRules: [{E1D20948-3688-4C06-ABC8-10BBE7F0A890}] => (Allow) LPort=9009 FirewallRules: [{ADDE30B5-08A8-49D4-9E2C-C955993D0296}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{BEA49A89-2A42-4BE3-AD22-14832E287D58}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [UDP Query User{186E4ED6-A415-489D-A5C7-BAC2B55161E7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6534E21E-1AA4-4564-B7DA-818A91D9A49E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{DF1B5FE2-00E0-4A36-8ADA-6CFE60EBE58D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{82E0BE2F-3AEF-42E4-9D83-62DCABCD3B4E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{657E6883-2024-4A1E-BDCC-E1C5E3620F49}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{74C10439-0CE1-4A53-AF11-3A8C528A4997}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{093C91C2-9BAC-4E44-956E-2C0C29544256}] => (Allow) LPort=9009 FirewallRules: [{6069ADFB-3513-4080-ADCC-2EE89A39F827}] => (Allow) LPort=9009 FirewallRules: [{ECE6E079-7CBC-49CE-AD5B-37A53F9B71DF}] => (Allow) LPort=9009 FirewallRules: [{C8934AEA-A440-4F31-B58C-D4809224AA66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{EF630C3A-6303-4A36-8D5C-67892228EC4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{AB806A30-5D10-414B-B4CE-EA36B4C7DE02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{A7FEF15F-71D9-49D1-BDF6-12F0CD9CC2C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0D86C94B-A23A-4B7D-BAEC-C8A6E3DFEB59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E965E8C8-6C06-4481-9527-4103BCC7CC28}] => (Allow) LPort=9009 FirewallRules: [{9EC28E78-2238-46DA-9DB6-F813384BC65A}] => (Allow) LPort=9009 FirewallRules: [{929777F7-0FEA-47D6-9A3F-A8E3701493DE}] => (Allow) LPort=9009 FirewallRules: [{18E4E9EA-D0E1-437B-850F-8BAEE6E4BE26}] => (Allow) LPort=9009 FirewallRules: [{E7787ECE-8486-4EC8-AC76-278391F4C0D9}] => (Allow) LPort=9009 FirewallRules: [{D7EFE58D-4A47-4AFB-8BF7-D8063365B3BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{6FC2425D-8B09-4A56-B915-F214A0317CC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{BB2D7D79-4FBF-4B26-85DD-CE799747EB83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{ACAAA745-8C6B-456C-B578-AF1782252F69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{C617D28A-4F75-4C6B-852D-1CAA99867B6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{D05CB04A-50B4-45A3-A3A5-0E8C060FE67A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{FA2F0C66-352C-47B7-9E83-4428D3F076BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{990E5752-391E-4A44-9224-F4CAB690CBF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{F51D640D-546F-422B-8023-4BB1BE2283B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{F55BDA19-6620-4822-8993-9802B935919D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{7E3EE3FA-8D10-4057-8B04-5159597587DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{8AD18A4E-4878-4001-848E-94E623E4DCD2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{67ECF7E5-F1A8-41CE-92A2-8E3E1741A8C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8DB5C581-C5B5-4740-A65E-CAA2021CFA9C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{B86FBE2A-218C-45D7-9D7F-644EEAF5B07C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{1580B383-E9BE-412C-9B14-F0CB1C6FBA32}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{44DBD0B7-15ED-4C58-94D2-2764810498D3}] => (Allow) LPort=9009 FirewallRules: [{DD92452C-A43A-411B-939C-FF0DBB176CE8}] => (Allow) LPort=9009 FirewallRules: [{C0B0289C-6CE3-47AC-8FBC-2F6A03A39833}] => (Allow) LPort=9009 FirewallRules: [TCP Query User{2800C948-94CF-445D-83BF-C05BF6D080DE}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{7AF9FF0F-A70C-4742-9018-9AD7D57146F3}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{C60B7EE1-56BD-472F-873E-351E3D023150}] => (Allow) LPort=9009 FirewallRules: [{DDADCCE9-4632-40D3-AC2D-DABBB794685C}] => (Allow) LPort=9009 FirewallRules: [{B26BBF0B-7663-4F09-9C34-127DA72D19E0}] => (Allow) LPort=9009 FirewallRules: [{5A94A142-019C-4BBF-BECE-354B5EFAE56D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{F848B7C2-7572-45BB-87CA-0EE8FD5B8050}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{ECAD5754-551C-4E31-9B34-56CE5FF21242}] => (Allow) LPort=9009 FirewallRules: [{3F1F5156-327D-45B9-8D51-BF96D7764AB0}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe FirewallRules: [{BA36AA19-61D2-4080-A62A-53BC3335DDD0}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe FirewallRules: [{B9FBAD2A-C0BA-4D2E-8EB5-AA09C6B95504}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{B25F81A4-0CDD-4972-8A03-95B198163EF3}] => (Allow) LPort=9009 FirewallRules: [{C703C47C-4500-45AE-AF16-47A59699D3AC}] => (Allow) LPort=9009 FirewallRules: [{2762C199-22BC-49F0-82AC-AAEA1B9FF548}] => (Allow) LPort=9009 FirewallRules: [{9B996000-43D7-4865-B985-561D4B844D70}] => (Allow) LPort=9009 FirewallRules: [{566CEBB1-03B5-4F13-8C0F-75C90A7E74CF}] => (Allow) LPort=9009 FirewallRules: [{E5BCB9C3-959F-4EBA-84D4-D16AF852AC77}] => (Allow) LPort=9009 FirewallRules: [{B1A0D4E5-7D25-48CA-93FE-BAE79C26C8AE}] => (Allow) LPort=9009 FirewallRules: [{06163873-AB24-4F5A-B847-161F7A5F3CDF}] => (Allow) LPort=9009 FirewallRules: [{02A66B88-DCB2-4199-ABBF-A148B6ECDAD1}] => (Allow) LPort=9009 FirewallRules: [{546A0257-76F5-434E-8AB9-D3D89C08BDD5}] => (Allow) LPort=9009 FirewallRules: [{22199ADA-CDA8-454A-99F5-7C427366A8C0}] => (Allow) LPort=9009 FirewallRules: [{74BE028C-4FA0-429A-972A-9B33E768B5ED}] => (Allow) LPort=9009 FirewallRules: [{282BA0D8-6708-47CF-B0A0-75CA0B8E072D}] => (Allow) LPort=9009 FirewallRules: [{B0460901-DBB4-4BB8-89FD-D64DB0C43B9F}] => (Allow) LPort=9009 FirewallRules: [{414EAF95-4978-4416-B1C0-92B2262FC6DC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{FF07AC7C-5AD7-4540-9D26-D6831183AF8A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B9233285-A03D-4953-ADC6-6E1E6EB912D0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{28773DD1-3B95-480E-9FAA-378CEFC8B252}] => (Allow) LPort=9009 FirewallRules: [{D2B97169-7581-4E25-BD8B-B0D421E0AEE6}] => (Allow) LPort=9009 FirewallRules: [{43C80BD7-E006-4698-93EB-85C48B22321D}] => (Allow) LPort=9009 FirewallRules: [{1F23B557-3332-4834-8F9F-04F586EC7B9E}] => (Allow) LPort=9009 FirewallRules: [{E4C8FD53-D00C-440C-A455-DA0940753A1C}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe FirewallRules: [{23711680-943A-4BB5-A9F3-162E17EE1679}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe FirewallRules: [{52161125-37F5-4472-8DA3-D0E319EB471B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{B280ED77-C2EF-433A-A54F-A96FFF182E1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{A27C7DEB-3AEF-4AF2-9E4F-F0F55F094D45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{EBB60853-59E8-4A8C-9D11-640F68C18A36}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7E29CF2F-CDC0-4280-8324-721415487299}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{CFA2295A-88EF-48EB-BE26-F34C3F7BE32C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{7DF15598-93F7-4FC9-92B1-AB58BFCE0172}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{15C83691-BBB1-44D5-AC70-49119975A535}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\Spotify.exe FirewallRules: [{0ACECA03-3C99-4FC5-B5A9-38950ACA2FEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe FirewallRules: [{D03A409F-D678-41FC-8DA7-E2349AC63FBD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.77.338.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/09/2018 08:55:07 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/09/2018 08:55:07 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/09/2018 08:55:00 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/09/2018 08:55:00 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/07/2018 04:32:41 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/07/2018 04:32:41 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/07/2018 04:32:34 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 Error: (04/07/2018 04:32:34 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: ) Description: Event-ID 5000 System errors: ============= Error: (04/09/2018 06:38:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Interactive Services Detection service terminated with the following error: Incorrect function. Error: (04/09/2018 06:37:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NCBCSZSJRSB-SpotifyAB.SpotifyMusic. Error: (04/09/2018 06:34:24 PM) (Source: DCOM) (EventID: 10016) (User: John-PC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user John-PC\John SID (S-1-5-21-2633733505-2947214174-3764764193-1000) from address LocalHost (Using LRPC) running in the application container SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0 SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/09/2018 09:20:43 AM) (Source: DCOM) (EventID: 10010) (User: John-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (04/09/2018 09:20:43 AM) (Source: DCOM) (EventID: 10010) (User: John-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (04/09/2018 09:20:43 AM) (Source: DCOM) (EventID: 10010) (User: John-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (04/09/2018 09:20:43 AM) (Source: DCOM) (EventID: 10010) (User: John-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Error: (04/09/2018 09:20:43 AM) (Source: DCOM) (EventID: 10010) (User: John-PC) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Windows Defender: =================================== Date: 2018-01-26 01:48:31.855 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bitrep.A&threatid=2147723097&enterprise=0 Name: Trojan:Win32/Bitrep.A ID: 2147723097 Severity: Severe Category: Trojan Path: file:_D:\Downloads\1AF810FC.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: System Process Name: Unknown Signature Version: AV: 1.251.42.0, AS: 1.251.42.0, NIS: 116.1.0.0 Engine Version: AM: 1.1.14104.0, NIS: 2.1.13804.0 CodeIntegrity: =================================== Date: 2018-04-02 19:06:47.951 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\Common\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-04-02 19:06:47.948 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\Common\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-04-02 19:06:47.946 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Red Giant Link\Common\tools\update_installer\USERENV.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2018-03-19 02:53:04.046 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements. Date: 2018-03-19 02:53:00.586 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements. Date: 2018-03-19 02:52:56.394 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements. Date: 2018-03-19 02:52:56.111 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements. Date: 2018-03-19 02:50:34.717 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Ansel\Tools\NvCameraWhitelisting64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz Percentage of memory in use: 21% Total physical RAM: 24525.05 MB Available physical RAM: 19254.88 MB Total Virtual: 36525.05 MB Available Virtual: 31044.54 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:118.66 GB) (Free:28.73 GB) NTFS Drive d: (Booterous Maximus) (Fixed) (Total:931.51 GB) (Free:420.28 GB) NTFS Drive e: () (Removable) (Total:14.9 GB) (Free:14.85 GB) FAT32 \\?\Volume{1a11efc4-7bf2-11e6-bfaa-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{8a0cf9db-0000-0000-0000-c0b01d000000}\ () (Fixed) (Total:0.48 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 8A0CF9DB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=490 MB) - (Type=27) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 18931892) Partition: GPT. ======================================================== Disk: 2 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================
  4. jseoung
    Fixlog.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018 Ran by John (administrator) on JOHN-PC (09-04-2018 18:38:51) Running from E:\ Loaded Profiles: John (Available Profiles: John & Admin) Platform: Windows 10 Pro Version 1709 16299.309 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe () C:\Windows\System32\PnkBstrA.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (Microsoft) C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe (Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe () C:\Program Files (x86)\Backblaze\bzserv.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (McAfee LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVCM.EXE (McAfee LLC) C:\Windows\System32\mfevtps.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (McAfee LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe (FortiClient System Helper) C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\McCSPServiceHost.exe () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngine.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files (x86)\Backblaze\bzbui.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.1000_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Kakao Corp. ) D:\KakaoTalk\KakaoTalk.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [Gigabyte Speed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [2088872 2015-09-09] (cFos Software GmbH) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.) HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] () HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2018-01-26] (Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587800 2017-12-19] (Oracle Corporation) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\Run: [KakaoTalk] => D:\KakaoTalk\KakaoTalk.exe [9663264 2018-03-29] (Kakao Corp. ) HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\Run: [Backblaze] => C:\Program Files (x86)\Backblaze\bzbui.exe [734440 2018-01-26] () HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [36864 2017-09-29] (Microsoft Corporation) Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-03-11] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Restriction <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 127.0.0.1 wildixintegration.eu Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3483CCE9-658B-4AB2-B3B8-CBB29570F580}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{36F0202D-BF59-4686-ADC3-52E92DD1139A}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{36F0202D-BF59-4686-ADC3-52E92DD1139A}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{3DA634BD-BCB8-4501-8BA2-E232144BF474}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{3DA634BD-BCB8-4501-8BA2-E232144BF474}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{504D593E-3471-4DF3-B90A-145C35B743AF}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{6C741185-3A44-480B-888D-BAC318CE5F8B}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{84898883-443B-44BE-AE77-64B2F3CDC6D4}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{84898883-443B-44BE-AE77-64B2F3CDC6D4}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{89BEABFC-68EA-4584-9805-E46C0CD0C49F}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{D73305FC-46ED-4C04-86FD-A60ECB5CF246}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{F6AAC278-073A-4F0A-8D3F-22BA189EC340}: [NameServer] 8.8.8.8 Internet Explorer: ================== HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-24] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-26] (Oracle Corporation) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-01-23] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-23] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-26] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-17] (Microsoft Corporation) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-03-17] (Microsoft Corporation) BHO-x32: KeepVid Pro 4.10.0 -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\KVBrowserAppMgr.dll [2017-11-13] () Toolbar: HKU\S-1-5-21-2633733505-2947214174-3764764193-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-23] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.) Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2018-01-25] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2018-01-25] (McAfee, Inc.) FireFox: ======== FF DefaultProfile: nmdehze2.default FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\nmdehze2.default [2018-04-09] FF Extension: (Grammarly for Firefox) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\nmdehze2.default\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2018-03-23] FF Extension: (Greasemonkey) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\nmdehze2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-23] FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\nmdehze2.default\features\{dda3107f-d349-4a56-8e85-3c2f79784b41}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-04-05] [Legacy] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-02-09] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-03-17] [Legacy] [not signed] FF HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\John\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found FF HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi FF Extension: (KeepVid Pro) - C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\BrowserPlugin\kvallmytube@keepvid.com_xpi [2017-12-30] [Legacy] FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-26] (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2018-01-25] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2017-06-15] (Fortinet Inc.) FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2017-06-15] (Fortinet Inc.) FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2017-06-15] (Fortinet Inc.) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2018-01-25] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-17] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-23] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-03-19] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2633733505-2947214174-3764764193-1000: @acestream.net/acestreamplugin,version=3.1.11 -> C:\Users\John\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File] FF Plugin HKU\S-1-5-21-2633733505-2947214174-3764764193-1000: @citrixonline.com/appdetectorplugin -> C:\Users\John\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-03-31] (Citrix Online) FF Plugin HKU\S-1-5-21-2633733505-2947214174-3764764193-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\John\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-02-21] (Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-2633733505-2947214174-3764764193-1000: SkypePlugin -> C:\Users\John\AppData\Local\SkypePlugin\7.27.0.105\npGatewayNpapi.dll [2016-10-20] (Skype Technologies S.A.) FF Plugin HKU\S-1-5-21-2633733505-2947214174-3764764193-1000: SkypePlugin64 -> C:\Users\John\AppData\Local\SkypePlugin\7.27.0.105\npGatewayNpapi-x64.dll [2016-10-20] (Skype Technologies S.A.) Chrome: ======= CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2018-04-09] CHR Extension: (Slides) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17] CHR Extension: (Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17] CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17] CHR Extension: (Skype Calling) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2018-03-19] CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17] CHR Extension: (Tampermonkey) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-03-17] CHR Extension: (Adobe Acrobat) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-17] CHR Extension: (ARC Welder) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\emfinbmielocnlhgmfkkmkngdoccbadn [2018-03-19] CHR Extension: (Sheets) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17] CHR Extension: (McAfee® WebAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-03-17] CHR Extension: (Google Docs Offline) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-18] CHR Extension: (IE Tab) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2018-03-19] CHR Extension: (Themer) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ialgjgaalhegkbeicphjelikjeafkkje [2018-03-19] CHR Extension: (Grammarly for Chrome) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-03-23] CHR Extension: (Cryptonite by MetaCert ) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\keghdcpemohlojlglbiegihkljkgnige [2018-03-23] CHR Extension: (chrome-themes-hd) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lieeengkphajmbknpiabepjeaioegdgp [2018-03-20] CHR Extension: (App Runtime for Chrome (Beta)) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfaihdlpglflfgpfjcifdjdjcckigekc [2018-03-19] CHR Extension: (Ace Script) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-03-17] CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-17] CHR Extension: (TeamViewer) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2018-03-19] CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17] CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-20] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2633733505-2947214174-3764764193-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-06] () R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-04-22] (Apple Inc.) R2 bzserv; C:\Program Files (x86)\Backblaze\bzserv.exe [445672 2018-01-26] () R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-09] (cFos Software GmbH) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2018-03-03] (Microsoft Corporation) S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-11-24] (EasyAntiCheat Ltd) R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [144816 2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.) R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [127296 2017-06-15] (Fortinet Inc.) R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] () R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-11-16] (Microsoft) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-03-19] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [728296 2018-01-31] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-01-26] (McAfee LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-01-26] (McAfee LLC) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [475600 2018-01-26] (McAfee LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1666224 2017-12-19] (McAfee, Inc.) R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [1385280 2013-12-10] (Microsoft Corp.) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-03] (NVIDIA Corporation) S2 OcButtonService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\OcButtonService.exe [123312 2017-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2158912 2018-03-19] (Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3028808 2018-03-19] (Electronic Arts) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1045360 2018-01-30] (McAfee, Inc.) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2017-09-04] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-09-04] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-13] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2018-03-01] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [456296 2017-12-18] (Windscribe Limited) S3 WsDrvInst; C:\Program Files (x86)\Keepvid\KeepVid Pro (Desktop)\DriverInstall.exe [107128 2017-11-13] (Wondershare) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77216 2018-01-31] (McAfee LLC) R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [555592 2018-01-26] (Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-29] () S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-28] (ELAN Microelectronic Corp.) S3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [18000 2017-06-15] (Fortinet Inc) R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [25312 2014-12-11] (Fortinet Inc) S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [147536 2017-06-15] (Fortinet Inc) R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [72272 2017-06-15] (Fortinet Inc) S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [85072 2017-06-15] (Fortinet Inc) R3 ftsvnic; C:\WINDOWS\System32\drivers\ftsvnic.sys [66600 2017-04-24] (Fortinet Inc.) R3 ft_vnic; C:\WINDOWS\system32\DRIVERS\ftvnic.sys [16928 2011-03-21] (Fortinet Inc.) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-16] (REALiX(tm)) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45192 2017-10-19] (Logitech Inc.) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc.) R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation) S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [58792 2017-03-05] (Visicom Media Inc.) S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-26] (Malwarebytes) S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-26] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-04-08] (Malwarebytes) S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-26] (Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-28] (Visicom Media Inc.) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [496544 2018-01-31] (McAfee LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [357792 2018-01-31] (McAfee LLC) U3 mfeavfk01; no ImagePath S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83952 2018-01-31] (McAfee LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [528288 2018-01-31] (McAfee LLC) R1 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [948128 2018-01-31] (McAfee LLC) R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [521128 2017-11-21] (McAfee LLC.) S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [108464 2017-11-21] (McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [115104 2018-01-31] (McAfee LLC) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252832 2018-01-31] (McAfee LLC) R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2017-02-26] (CACE Technologies, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5601d21ccd639df9\nvlddmkm.sys [17486096 2018-01-05] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-03] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-11-15] (NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2018-01-03] (NVIDIA Corporation) R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2016-03-29] (Fortinet Inc.) S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [151552 2017-09-29] (Microsoft Corporation) R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [45560 2017-09-13] (The OpenVPN Project) R1 VBoxNetAdp; C:\WINDOWS\System32\DRIVERS\VBoxNetAdp6.sys [132120 2016-11-21] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206416 2016-11-21] (Oracle Corporation) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [41472 2017-12-13] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation) S4 htclwr; System32\drivers\spsimaxo.sys [X] U3 idsvc; no ImagePath U3 wpcsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-07 11:32 - 2018-04-07 11:32 - 000000000 ____D C:\Users\John\AppData\Local\wmsvihc 2018-04-07 11:29 - 2018-04-07 11:29 - 000002206 _____ C:\Users\John\Desktop\Rkill.txt 2018-04-07 11:10 - 2018-04-09 08:35 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2018-04-07 11:09 - 2018-04-07 11:09 - 027020872 _____ (Adlice Software) C:\Users\John\Downloads\RogueKiller_portable64.exe 2018-04-07 11:08 - 2018-04-07 11:08 - 000000000 ____D C:\ProgramData\RogueKiller 2018-04-07 11:01 - 2018-04-09 08:28 - 000000000 ____D C:\AdwCleaner 2018-04-07 10:51 - 2018-04-07 10:51 - 000797760 _____ C:\Users\John\Downloads\delfix_1.013.exe 2018-04-07 10:49 - 2018-04-07 10:50 - 022640712 _____ (Adlice Software) C:\Users\John\Downloads\RogueKiller_portable32.exe 2018-04-07 10:49 - 2018-04-07 10:49 - 008222496 _____ (Malwarebytes) C:\Users\John\Downloads\AdwCleaner.exe 2018-04-07 10:44 - 2018-04-09 18:38 - 000000000 ____D C:\FRST 2018-04-07 10:44 - 2018-04-07 10:44 - 002403328 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe 2018-04-07 10:44 - 2018-04-07 10:44 - 000000790 _____ C:\Users\John\Downloads\Fixlog.txt 2018-04-07 10:40 - 2018-04-07 10:40 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\7D75A512.sys 2018-04-07 10:35 - 2018-04-07 11:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2018-04-06 23:03 - 2018-04-07 11:01 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2018-04-06 23:03 - 2018-04-07 10:36 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2018-04-06 23:03 - 2018-04-06 23:03 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\721107AC.sys 2018-04-06 23:02 - 2018-04-06 23:02 - 014161479 _____ C:\Users\John\Downloads\mbar-1.10.3.1001-nr.exe 2018-04-06 22:59 - 2018-04-06 22:59 - 000003638 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2018-04-06 22:58 - 2018-04-06 22:59 - 000000666 _____ C:\DelFix.txt 2018-04-05 15:46 - 2018-04-05 15:46 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2018-03-24 17:32 - 2018-03-24 17:32 - 000000000 ____D C:\Users\John\AppData\Roaming\Origin 2018-03-23 22:49 - 2018-04-08 21:10 - 000000000 ____D C:\Users\John\AppData\Local\wmcagent 2018-03-23 22:48 - 2018-04-09 18:38 - 000000000 ____D C:\Users\John\AppData\LocalLow\Mozilla 2018-03-23 22:48 - 2018-04-07 00:03 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-03-23 22:48 - 2018-04-07 00:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-03-23 22:48 - 2018-03-31 12:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-03-23 22:48 - 2018-03-23 22:53 - 000000000 ____D C:\Users\John\AppData\Local\Mozilla 2018-03-23 22:48 - 2018-03-23 22:48 - 000313544 _____ (Mozilla) C:\Users\John\Downloads\Firefox Installer.exe 2018-03-23 22:48 - 2018-03-23 22:48 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-03-23 22:34 - 2018-03-23 22:34 - 000000000 ____D C:\Users\John\AppData\Local\DBG 2018-03-19 06:02 - 2018-03-19 06:02 - 000000000 ___HD C:\$SysReset 2018-03-19 06:01 - 2018-03-19 06:46 - 000000000 _____ C:\Recovery.txt 2018-03-19 02:58 - 2018-03-19 02:58 - 000000000 ____D C:\Users\John\AppData\Roaming\Google 2018-03-19 02:56 - 2018-03-19 02:56 - 000000000 ____D C:\Users\John\AppData\Local\dsavowt 2018-03-19 02:53 - 2018-03-23 22:18 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-03-19 02:53 - 2018-03-19 02:53 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-03-19 02:53 - 2018-03-19 02:53 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-03-19 02:48 - 2018-03-19 02:48 - 000000000 ____D C:\Users\Admin\AppData\Local\raeksun 2018-03-19 02:48 - 2018-03-19 02:48 - 000000000 ____D C:\Users\Admin\AppData\Local\lmbovns 2018-03-19 01:23 - 2018-03-19 01:23 - 000000000 ____D C:\Users\Admin\AppData\Local\Comms 2018-03-19 01:13 - 2018-03-19 01:13 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2633733505-2947214174-3764764193-1004 2018-03-19 01:12 - 2018-03-19 01:13 - 000002772 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2018-03-19 01:12 - 2018-03-19 01:13 - 000002404 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-03-19 01:12 - 2018-03-19 01:13 - 000000000 ___RD C:\Users\Admin\OneDrive 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ___HD C:\Users\Admin\MicrosoftEdgeBackups 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\MicrosoftEdge 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\Logitech 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\DBG 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\cFos 2018-03-19 01:12 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin\AppData\Local\CEF 2018-03-19 01:11 - 2018-03-19 01:13 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages 2018-03-19 01:11 - 2018-03-19 01:13 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation 2018-03-19 01:11 - 2018-03-19 01:12 - 000000000 ____D C:\Users\Admin 2018-03-19 01:11 - 2018-03-19 01:11 - 000002336 _____ C:\Users\Admin\Desktop\Google Chrome.lnk 2018-03-19 01:11 - 2018-03-19 01:11 - 000001428 __RSH C:\Users\Admin\ntuser.pol 2018-03-19 01:11 - 2018-03-19 01:11 - 000001332 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk 2018-03-19 01:11 - 2018-03-19 01:11 - 000000020 ___SH C:\Users\Admin\ntuser.ini 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ___RD C:\Users\Admin\3D Objects 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Adobe 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ____D C:\Users\Admin\AppData\Local\Publishers 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ____D C:\Users\Admin\AppData\Local\NVIDIA 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ____D C:\Users\Admin\AppData\Local\Google 2018-03-19 01:11 - 2018-03-19 01:11 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform 2018-03-19 01:11 - 2017-06-24 12:56 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia 2018-03-19 01:11 - 2016-09-28 10:43 - 000002104 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2018-03-19 01:11 - 2011-04-12 04:28 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Media Center Programs 2018-03-19 01:07 - 2018-03-19 01:07 - 002527376 _____ (Trend Micro Inc.) C:\Users\John\Downloads\HousecallLauncher64.exe 2018-03-18 19:28 - 2018-03-18 19:32 - 000000000 ____D C:\temphb 2018-03-18 19:27 - 2018-03-18 19:28 - 005415920 _____ (Mohamad AbdelAzeem) C:\Users\John\Downloads\Hirens2BootableUSB2.3.1.exe 2018-03-18 19:24 - 2018-03-18 19:24 - 000967800 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\John\Downloads\rufus-2.18.exe 2018-03-18 19:20 - 2018-03-18 19:21 - 621283886 _____ C:\Users\John\Downloads\Hirens.BootCD.15.2.zip 2018-03-18 19:04 - 2018-03-18 19:04 - 000000085 _____ C:\WINDOWS\wininit.ini 2018-03-18 18:59 - 2018-03-18 18:59 - 000525151 _____ C:\Users\John\Downloads\TakeOwnershipEx.zip 2018-03-18 18:55 - 2017-02-05 20:55 - 000069120 _____ (FilExile) C:\WINDOWS\system32\FilExileExt.dll 2018-03-18 18:54 - 2018-03-18 18:54 - 000858688 _____ (FilExile Team ) C:\Users\John\Downloads\FilExilev3.00_Setup.exe 2018-03-18 16:42 - 2018-03-18 19:06 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2018-03-18 16:42 - 2018-03-18 19:04 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-03-18 16:42 - 2018-03-18 16:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2018-03-18 16:41 - 2018-03-18 16:41 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\John\Downloads\spybotsd-2.6.46.exe 2018-03-18 16:40 - 2018-03-18 16:40 - 005009935 _____ C:\Users\John\Downloads\spybot-s-d.zip 2018-03-18 16:38 - 2018-03-18 16:38 - 000228186 _____ C:\Users\John\Downloads\RootkitRevealer.zip 2018-03-18 16:34 - 2018-03-18 16:34 - 000000000 ____D C:\Users\John\AppData\Local\seixoua 2018-03-18 16:16 - 2018-03-18 16:16 - 000035228 _____ C:\Users\John\Downloads\USBFormat.zip 2018-03-18 15:59 - 2018-03-18 15:59 - 000001332 _____ C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee WebAdvisor.lnk 2018-03-17 17:15 - 2018-03-17 17:15 - 000002125 _____ C:\Users\Public\Desktop\McAfee Multi Access - Total Protection (PC).lnk 2018-03-17 17:15 - 2018-03-17 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2018-03-17 17:15 - 2017-10-09 23:14 - 000218336 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys 2018-03-17 17:14 - 2018-03-17 17:15 - 000000000 ____D C:\Program Files\McAfee 2018-03-17 17:14 - 2018-03-17 17:14 - 000000286 _____ C:\WINDOWS\Tasks\McAfeeLogon.job 2018-03-17 17:14 - 2018-03-17 17:14 - 000000000 ____D C:\Program Files\McAfee.com 2018-03-17 17:13 - 2018-03-23 22:17 - 000000000 ____D C:\Program Files (x86)\McAfee 2018-03-17 17:13 - 2018-03-17 17:13 - 000000262 _____ C:\WINDOWS\Tasks\McAfee Remediation (Prepare).job 2018-03-17 17:13 - 2018-03-17 17:13 - 000000000 ____D C:\Program Files\Common Files\AV 2018-03-17 17:11 - 2018-03-18 15:59 - 000000000 ____D C:\ProgramData\McAfee 2018-03-17 17:11 - 2018-03-17 17:15 - 000000000 ____D C:\Program Files\Common Files\McAfee 2018-03-17 17:11 - 2018-01-26 15:48 - 000475600 _____ (McAfee LLC) C:\WINDOWS\system32\mfevtps.exe 2018-03-17 16:53 - 2018-04-07 16:09 - 002888704 _____ C:\WINDOWS\system32\wdbnvtksvc.exe 2018-03-17 15:37 - 2018-03-17 15:37 - 000000000 ____D C:\SUPERDelete 2018-03-17 15:36 - 2018-03-18 19:04 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2018-03-17 15:25 - 2018-03-17 15:25 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA% 2018-03-17 15:03 - 2018-04-08 17:12 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-03-17 14:57 - 2018-04-06 23:39 - 000000000 ____D C:\Users\John\AppData\Local\tidmwkl 2018-03-17 14:53 - 2018-03-17 16:21 - 002888704 _____ C:\WINDOWS\system32\wdbnvtksvc_.exe 2018-03-17 14:53 - 2018-03-17 14:53 - 000000000 ____D C:\WINDOWS\SysWOW64\sndovzi 2018-03-17 14:53 - 2018-03-17 14:53 - 000000000 ____D C:\WINDOWS\system32\sndovzi 2018-03-17 14:53 - 2018-03-17 14:53 - 000000000 ____D C:\Users\John\AppData\Roaming\et 2018-03-17 14:52 - 2018-03-17 14:52 - 000003952 _____ C:\WINDOWS\System32\Tasks\molar-rosemount 2018-03-17 14:52 - 2018-03-17 14:52 - 000003944 _____ C:\WINDOWS\System32\Tasks\dirks flatbush 2018-03-17 14:52 - 2018-03-17 14:52 - 000003926 _____ C:\WINDOWS\System32\Tasks\elliott_fi 2018-03-17 14:52 - 2018-03-17 14:52 - 000003910 _____ C:\WINDOWS\System32\Tasks\vala 2018-03-17 14:52 - 2018-03-17 14:52 - 000003820 _____ C:\WINDOWS\System32\Tasks\Samolar-rosemountmolar-rosemount 2018-03-17 14:52 - 2018-03-17 14:52 - 000003810 _____ C:\WINDOWS\System32\Tasks\Sadirks flatbushdirks flatbush 2018-03-17 14:52 - 2018-03-17 14:52 - 000003786 _____ C:\WINDOWS\System32\Tasks\Saelliott_fielliott_fi 2018-03-17 14:52 - 2018-03-17 14:52 - 000003756 _____ C:\WINDOWS\System32\Tasks\Savalavala 2018-03-17 14:52 - 2018-03-17 14:52 - 000000012 _____ C:\WINDOWS\b31513833 2018-03-17 14:46 - 2018-03-17 16:16 - 000000000 ____D C:\Program Files (x86)\ManyCam 2018-03-17 10:35 - 2018-03-17 10:35 - 000002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2018-03-17 10:35 - 2018-03-17 10:35 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2018-03-13 21:21 - 2018-03-01 23:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2018-03-13 21:21 - 2018-03-01 23:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll 2018-03-13 21:21 - 2018-03-01 23:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll 2018-03-13 21:21 - 2018-03-01 23:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll 2018-03-13 21:21 - 2018-03-01 23:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll 2018-03-13 21:21 - 2018-03-01 23:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll 2018-03-13 21:21 - 2018-03-01 22:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe 2018-03-13 21:21 - 2018-03-01 16:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll 2018-03-13 21:21 - 2018-03-01 03:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2018-03-13 21:21 - 2018-03-01 03:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2018-03-13 21:21 - 2018-03-01 03:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2018-03-13 21:21 - 2018-03-01 03:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2018-03-13 21:21 - 2018-03-01 03:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2018-03-13 21:21 - 2018-03-01 03:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2018-03-13 21:21 - 2018-03-01 03:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2018-03-13 21:21 - 2018-03-01 03:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2018-03-13 21:21 - 2018-03-01 03:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2018-03-13 21:21 - 2018-03-01 03:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2018-03-13 21:21 - 2018-03-01 03:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2018-03-13 21:21 - 2018-03-01 03:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2018-03-13 21:21 - 2018-03-01 03:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2018-03-13 21:21 - 2018-03-01 03:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2018-03-13 21:21 - 2018-03-01 03:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-03-13 21:21 - 2018-03-01 03:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-03-13 21:21 - 2018-03-01 03:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2018-03-13 21:21 - 2018-03-01 03:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2018-03-13 21:21 - 2018-03-01 03:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-03-13 21:21 - 2018-03-01 03:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2018-03-13 21:21 - 2018-03-01 03:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2018-03-13 21:21 - 2018-03-01 03:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-03-13 21:21 - 2018-03-01 03:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2018-03-13 21:21 - 2018-03-01 03:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-03-13 21:21 - 2018-03-01 03:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2018-03-13 21:21 - 2018-03-01 03:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-03-13 21:21 - 2018-03-01 03:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-03-13 21:21 - 2018-03-01 03:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-03-13 21:21 - 2018-03-01 03:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-03-13 21:21 - 2018-03-01 03:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll 2018-03-13 21:21 - 2018-03-01 03:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2018-03-13 21:21 - 2018-03-01 03:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2018-03-13 21:21 - 2018-03-01 03:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2018-03-13 21:21 - 2018-03-01 03:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2018-03-13 21:21 - 2018-03-01 03:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-03-13 21:21 - 2018-03-01 03:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2018-03-13 21:21 - 2018-03-01 03:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2018-03-13 21:21 - 2018-03-01 03:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-03-13 21:21 - 2018-03-01 03:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2018-03-13 21:21 - 2018-03-01 03:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2018-03-13 21:21 - 2018-03-01 03:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys 2018-03-13 21:21 - 2018-03-01 03:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2018-03-13 21:21 - 2018-03-01 02:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-03-13 21:21 - 2018-03-01 02:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2018-03-13 21:21 - 2018-03-01 02:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2018-03-13 21:21 - 2018-03-01 02:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2018-03-13 21:21 - 2018-03-01 02:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-03-13 21:21 - 2018-03-01 02:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2018-03-13 21:21 - 2018-03-01 02:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-03-13 21:21 - 2018-03-01 02:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-03-13 21:21 - 2018-03-01 02:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2018-03-13 21:21 - 2018-03-01 02:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2018-03-13 21:21 - 2018-03-01 02:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2018-03-13 21:21 - 2018-03-01 02:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2018-03-13 21:21 - 2018-03-01 02:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2018-03-13 21:21 - 2018-03-01 02:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll 2018-03-13 21:21 - 2018-03-01 02:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2018-03-13 21:21 - 2018-03-01 02:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-03-13 21:21 - 2018-03-01 02:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-03-13 21:21 - 2018-03-01 02:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2018-03-13 21:21 - 2018-03-01 02:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-03-13 21:21 - 2018-03-01 02:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2018-03-13 21:21 - 2018-03-01 02:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2018-03-13 21:21 - 2018-03-01 02:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-03-13 21:21 - 2018-03-01 02:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-03-13 21:21 - 2018-03-01 02:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-03-13 21:21 - 2018-03-01 02:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll 2018-03-13 21:21 - 2018-03-01 02:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll 2018-03-13 21:21 - 2018-03-01 01:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll 2018-03-13 21:21 - 2018-03-01 01:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2018-03-13 21:21 - 2018-03-01 01:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-03-13 21:21 - 2018-03-01 01:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll 2018-03-13 21:21 - 2018-03-01 01:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2018-03-13 21:21 - 2018-03-01 01:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-03-13 21:21 - 2018-03-01 01:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-03-13 21:21 - 2018-03-01 01:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2018-03-13 21:21 - 2018-03-01 01:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2018-03-13 21:21 - 2018-03-01 01:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-03-13 21:21 - 2018-03-01 01:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2018-03-13 21:21 - 2018-03-01 01:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2018-03-13 21:21 - 2018-03-01 01:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-03-13 21:21 - 2018-03-01 01:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2018-03-13 21:21 - 2018-03-01 01:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2018-03-13 21:21 - 2018-03-01 01:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2018-03-13 21:21 - 2018-03-01 01:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll 2018-03-13 21:21 - 2018-03-01 01:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2018-03-13 21:21 - 2018-03-01 01:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-03-13 21:21 - 2018-03-01 01:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-03-13 21:21 - 2018-03-01 01:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2018-03-13 21:21 - 2018-03-01 01:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2018-03-13 21:21 - 2018-03-01 01:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2018-03-13 21:21 - 2018-03-01 01:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll 2018-03-13 21:21 - 2018-03-01 01:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2018-03-13 21:21 - 2018-03-01 01:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2018-03-13 21:21 - 2018-03-01 01:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2018-03-13 21:21 - 2018-03-01 01:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll 2018-03-13 21:21 - 2018-03-01 01:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys 2018-03-13 21:21 - 2018-03-01 01:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-03-13 21:21 - 2018-03-01 01:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2018-03-13 21:21 - 2018-03-01 01:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll 2018-03-13 21:21 - 2018-03-01 01:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2018-03-13 21:21 - 2018-03-01 01:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll 2018-03-13 21:21 - 2018-03-01 01:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2018-03-13 21:21 - 2018-03-01 01:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-03-13 21:21 - 2018-03-01 01:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll 2018-03-13 21:21 - 2018-03-01 01:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll 2018-03-13 21:21 - 2018-03-01 01:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2018-03-13 21:21 - 2018-03-01 01:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2018-03-13 21:21 - 2018-03-01 01:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll 2018-03-13 21:21 - 2018-03-01 01:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2018-03-13 21:21 - 2018-03-01 01:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-03-13 21:21 - 2018-03-01 01:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2018-03-13 21:21 - 2018-03-01 01:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2018-03-13 21:21 - 2018-03-01 01:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2018-03-13 21:21 - 2018-03-01 01:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-03-13 21:21 - 2018-03-01 01:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2018-03-13 21:21 - 2018-03-01 01:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-03-13 21:21 - 2018-03-01 01:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-03-13 21:21 - 2018-03-01 01:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2018-03-13 21:21 - 2018-03-01 01:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2018-03-13 21:21 - 2018-03-01 01:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2018-03-13 21:21 - 2018-03-01 01:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-03-13 21:21 - 2018-03-01 01:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2018-03-13 21:21 - 2018-03-01 01:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2018-03-13 21:21 - 2018-03-01 01:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-03-13 21:21 - 2018-03-01 01:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2018-03-13 21:21 - 2018-03-01 01:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll 2018-03-13 21:21 - 2018-03-01 01:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2018-03-13 21:21 - 2018-03-01 01:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2018-03-13 21:21 - 2018-03-01 01:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2018-03-13 21:21 - 2018-03-01 01:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll 2018-03-13 21:21 - 2018-03-01 01:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2018-03-13 21:21 - 2018-03-01 01:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll 2018-03-13 21:21 - 2018-03-01 01:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe 2018-03-13 21:21 - 2018-02-21 22:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-03-13 21:21 - 2018-02-21 22:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-03-13 21:21 - 2018-02-21 22:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2018-03-13 21:21 - 2018-02-21 22:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-03-13 21:21 - 2018-02-21 22:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2018-03-13 21:21 - 2018-02-21 22:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2018-03-13 21:21 - 2018-02-21 22:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-03-13 21:21 - 2018-02-21 22:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-03-13 21:21 - 2018-02-21 22:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-03-13 21:21 - 2018-02-21 22:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-03-13 21:21 - 2018-02-21 22:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-03-13 21:21 - 2018-02-21 22:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys 2018-03-13 21:21 - 2018-02-21 22:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-03-13 21:21 - 2018-02-21 22:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-03-13 21:21 - 2018-02-21 22:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys 2018-03-13 21:21 - 2018-02-21 22:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2018-03-13 21:21 - 2018-02-21 21:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-03-13 21:21 - 2018-02-21 21:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2018-03-13 21:21 - 2018-02-21 21:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2018-03-13 21:21 - 2018-02-21 21:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2018-03-13 21:21 - 2018-02-21 21:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys 2018-03-13 21:21 - 2018-02-21 21:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2018-03-13 21:21 - 2018-02-21 21:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2018-03-13 21:21 - 2018-02-21 21:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2018-03-13 21:21 - 2018-02-21 20:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-03-13 21:21 - 2018-02-21 20:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2018-03-13 21:21 - 2018-02-21 20:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2018-03-13 21:21 - 2018-02-21 20:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2018-03-13 21:21 - 2018-02-21 20:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys 2018-03-13 21:21 - 2018-02-21 20:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2018-03-13 21:21 - 2018-02-21 20:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2018-03-13 21:21 - 2018-02-21 20:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2018-03-13 21:21 - 2018-02-21 20:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2018-03-13 21:21 - 2018-02-10 02:21 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-03-13 21:21 - 2018-02-10 02:20 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-03-13 21:21 - 2018-02-10 02:19 - 001133888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2018-03-13 21:21 - 2018-02-10 02:18 - 001193192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll 2018-03-13 21:21 - 2018-02-10 02:18 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-03-13 21:21 - 2018-02-10 02:18 - 000098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe 2018-03-13 21:21 - 2018-02-10 02:18 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2018-03-13 21:21 - 2018-02-10 02:16 - 002406456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2018-03-13 21:21 - 2018-02-10 02:16 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2018-03-13 21:21 - 2018-02-10 02:15 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-03-13 21:21 - 2018-02-10 02:15 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-03-13 21:21 - 2018-02-10 02:14 - 004504464 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2018-03-13 21:21 - 2018-02-10 02:14 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-03-13 21:21 - 2018-02-10 02:14 - 001002592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2018-03-13 21:21 - 2018-02-10 02:13 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2018-03-13 21:21 - 2018-02-10 02:13 - 000535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2018-03-13 21:21 - 2018-02-10 02:13 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2018-03-13 21:21 - 2018-02-10 02:12 - 004537040 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll 2018-03-13 21:21 - 2018-02-10 02:12 - 001313016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe 2018-03-13 21:21 - 2018-02-10 02:12 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-03-13 21:21 - 2018-02-10 02:11 - 001029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2018-03-13 21:21 - 2018-02-10 02:11 - 000711432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-03-13 21:21 - 2018-02-10 02:10 - 002447768 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2018-03-13 21:21 - 2018-02-10 02:10 - 000614160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2018-03-13 21:21 - 2018-02-10 02:10 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2018-03-13 21:21 - 2018-02-10 02:10 - 000154520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2018-03-13 21:21 - 2018-02-10 02:09 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2018-03-13 21:21 - 2018-02-10 02:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2018-03-13 21:21 - 2018-02-10 02:09 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2018-03-13 21:21 - 2018-02-10 02:09 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2018-03-13 21:21 - 2018-02-10 02:08 - 003010248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2018-03-13 21:21 - 2018-02-10 02:08 - 000687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll 2018-03-13 21:21 - 2018-02-10 02:08 - 000398824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2018-03-13 21:21 - 2018-02-10 02:08 - 000096200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll 2018-03-13 21:21 - 2018-02-10 02:08 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2018-03-13 21:21 - 2018-02-10 02:07 - 004506576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-03-13 21:21 - 2018-02-10 02:07 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2018-03-13 21:21 - 2018-02-10 02:07 - 000436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2018-03-13 21:21 - 2018-02-10 02:06 - 004486904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2018-03-13 21:21 - 2018-02-10 02:06 - 000824896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2018-03-13 21:21 - 2018-02-10 02:06 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2018-03-13 21:21 - 2018-02-10 02:06 - 000727448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-03-13 21:21 - 2018-02-10 02:06 - 000594048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2018-03-13 21:21 - 2018-02-10 02:06 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2018-03-13 21:21 - 2018-02-10 02:06 - 000100248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2018-03-13 21:21 - 2018-02-10 02:06 - 000087384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2018-03-13 21:21 - 2018-02-10 02:05 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2018-03-13 21:21 - 2018-02-10 02:05 - 000413888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-03-13 21:21 - 2018-02-10 02:05 - 000070856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 006791984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 001430760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2018-03-13 21:21 - 2018-02-10 02:04 - 001426672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 001254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 000614296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2018-03-13 21:21 - 2018-02-10 02:04 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-03-13 21:21 - 2018-02-10 02:04 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe 2018-03-13 21:21 - 2018-02-10 02:04 - 000339872 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-03-13 21:21 - 2018-02-10 02:04 - 000212880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2018-03-13 21:21 - 2018-02-10 02:03 - 001619808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2018-03-13 21:21 - 2018-02-10 02:03 - 000849304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll 2018-03-13 21:21 - 2018-02-10 02:03 - 000722616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2018-03-13 21:21 - 2018-02-10 02:03 - 000706600 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2018-03-13 21:21 - 2018-02-10 02:03 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2018-03-13 21:21 - 2018-02-10 02:03 - 000098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 002773400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-03-13 21:21 - 2018-02-10 02:02 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 001103768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-03-13 21:21 - 2018-02-10 02:02 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000670104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000617304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2018-03-13 21:21 - 2018-02-10 02:02 - 000231320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2018-03-13 21:21 - 2018-02-10 02:02 - 000040352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll 2018-03-13 21:21 - 2018-02-10 01:21 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2018-03-13 21:21 - 2018-02-10 01:18 - 001384288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2018-03-13 21:21 - 2018-02-10 01:18 - 000022424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll 2018-03-13 21:21 - 2018-02-10 01:17 - 002255112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2018-03-13 21:21 - 2018-02-10 01:17 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2018-03-13 21:21 - 2018-02-10 01:17 - 000542856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2018-03-13 21:21 - 2018-02-10 01:15 - 001145624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2018-03-13 21:21 - 2018-02-10 01:12 - 004382032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll 2018-03-13 21:21 - 2018-02-10 01:11 - 001250528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe 2018-03-13 21:21 - 2018-02-10 01:10 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2018-03-13 21:21 - 2018-02-10 01:09 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2018-03-13 21:21 - 2018-02-10 01:09 - 002338776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2018-03-13 21:21 - 2018-02-10 01:09 - 001123456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2018-03-13 21:21 - 2018-02-10 01:09 - 000559976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll 2018-03-13 21:21 - 2018-02-10 01:09 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll 2018-03-13 21:21 - 2018-02-10 01:08 - 003980720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2018-03-13 21:21 - 2018-02-10 01:08 - 000592792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2018-03-13 21:21 - 2018-02-10 01:07 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2018-03-13 21:21 - 2018-02-10 01:07 - 000527864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll 2018-03-13 21:21 - 2018-02-10 01:07 - 000123808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2018-03-13 21:21 - 2018-02-10 01:07 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2018-03-13 21:21 - 2018-02-10 01:07 - 000083216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll 2018-03-13 21:21 - 2018-02-10 01:07 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2018-03-13 21:21 - 2018-02-10 01:06 - 006014688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2018-03-13 21:21 - 2018-02-10 01:06 - 004670728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2018-03-13 21:21 - 2018-02-10 01:06 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 001149272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000718232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000654456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000551672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000386424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000193248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000079256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll 2018-03-13 21:21 - 2018-02-10 01:05 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe 2018-03-13 21:21 - 2018-02-10 01:05 - 000074992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2018-03-13 21:21 - 2018-02-10 01:04 - 001491352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2018-03-13 21:21 - 2018-02-10 01:04 - 000027032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll 2018-03-13 21:21 - 2018-02-10 01:03 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll 2018-03-13 21:21 - 2018-02-10 00:50 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-03-13 21:21 - 2018-02-10 00:50 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2018-03-13 21:21 - 2018-02-10 00:49 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2018-03-13 21:21 - 2018-02-10 00:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2018-03-13 21:21 - 2018-02-10 00:49 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2018-03-13 21:21 - 2018-02-10 00:49 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe 2018-03-13 21:21 - 2018-02-10 00:48 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2018-03-13 21:21 - 2018-02-10 00:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys 2018-03-13 21:21 - 2018-02-10 00:48 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 013704192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2018-03-13 21:21 - 2018-02-10 00:47 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2018-03-13 21:21 - 2018-02-10 00:47 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2018-03-13 21:21 - 2018-02-10 00:46 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe 2018-03-13 21:21 - 2018-02-10 00:46 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCShellCommonProxyStub.dll 2018-03-13 21:21 - 2018-02-10 00:46 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe 2018-03-13 21:21 - 2018-02-10 00:45 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll 2018-03-13 21:21 - 2018-02-10 00:45 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EnterpriseAppMgmtClient.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe 2018-03-13 21:21 - 2018-02-10 00:44 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll 2018-03-13 21:21 - 2018-02-10 00:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 003756032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2018-03-13 21:21 - 2018-02-10 00:43 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppManagementConfiguration.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll 2018-03-13 21:21 - 2018-02-10 00:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 001113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2018-03-13 21:21 - 2018-02-10 00:42 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe 2018-03-13 21:21 - 2018-02-10 00:42 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-03-13 21:21 - 2018-02-10 00:42 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2018-03-13 21:21 - 2018-02-10 00:42 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll 2018-03-13 21:21 - 2018-02-10 00:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe 2018-03-13 21:21 - 2018-02-10 00:41 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl 2018-03-13 21:21 - 2018-02-10 00:41 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2018-03-13 21:21 - 2018-02-10 00:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppManagementConfiguration.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2018-03-13 21:21 - 2018-02-10 00:41 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 004498432 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-03-13 21:21 - 2018-02-10 00:40 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 001234432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2018-03-13 21:21 - 2018-02-10 00:40 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2018-03-13 21:21 - 2018-02-10 00:40 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl 2018-03-13 21:21 - 2018-02-10 00:40 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll 2018-03-13 21:21 - 2018-02-10 00:40 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 002677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl 2018-03-13 21:21 - 2018-02-10 00:39 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2018-03-13 21:21 - 2018-02-10 00:39 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe 2018-03-13 21:21 - 2018-02-10 00:38 - 006722560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2018-03-13 21:21 - 2018-02-10 00:38 - 004815360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 003169280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 002184192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 002082304 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-03-13 21:21 - 2018-02-10 00:38 - 001968640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2018-03-13 21:21 - 2018-02-10 00:38 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2018-03-13 21:21 - 2018-02-10 00:38 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2018-03-13 21:21 - 2018-02-10 00:38 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2018-03-13 21:21 - 2018-02-10 00:38 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 003419136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2018-03-13 21:21 - 2018-02-10 00:37 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 002523648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2018-03-13 21:21 - 2018-02-10 00:37 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe 2018-03-13 21:21 - 2018-02-10 00:37 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 001759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2018-03-13 21:21 - 2018-02-10 00:36 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 005388800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 002013184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-03-13 21:21 - 2018-02-10 00:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2018-03-13 21:21 - 2018-02-10 00:35 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll 2018-03-13 21:21 - 2018-02-10 00:35 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2018-03-13 21:21 - 2018-02-10 00:34 - 006532096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2018-03-13 21:21 - 2018-02-10 00:34 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2018-03-13 21:21 - 2018-02-10 00:34 - 002983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll 2018-03-13 21:21 - 2018-02-10 00:34 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2018-03-13 21:21 - 2018-02-10 00:34 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2018-03-13 21:21 - 2018-02-10 00:34 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2018-03-13 21:21 - 2018-02-10 00:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 001936384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe 2018-03-13 21:21 - 2018-02-10 00:33 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2018-03-13 21:21 - 2018-02-10 00:33 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2018-03-13 21:21 - 2018-02-10 00:33 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000604672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe 2018-03-13 21:21 - 2018-02-10 00:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2018-03-13 21:21 - 2018-02-10 00:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll 2018-03-13 21:21 - 2018-02-10 00:32 - 002427904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll 2018-03-13 21:21 - 2018-02-10 00:32 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2018-03-13 21:21 - 2018-02-10 00:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2018-03-13 21:21 - 2018-02-10 00:32 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys 2018-03-13 21:21 - 2018-02-10 00:32 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.ProxyStub.dll 2018-03-13 21:21 - 2018-02-10 00:31 - 001488896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe 2018-03-13 21:21 - 2018-02-10 00:31 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll 2018-03-13 21:21 - 2018-02-10 00:31 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll 2018-03-13 21:21 - 2018-02-10 00:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2018-03-13 21:21 - 2018-02-10 00:31 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll 2018-03-13 21:21 - 2018-02-09 22:59 - 000804240 _____ C:\WINDOWS\SysWOW64\locale.nls 2018-03-13 21:21 - 2018-02-09 22:59 - 000804240 _____ C:\WINDOWS\system32\locale.nls 2018-03-13 21:21 - 2018-02-08 23:35 - 004959688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2018-03-13 21:21 - 2018-02-08 23:35 - 001234888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll 2018-03-13 21:21 - 2018-02-08 23:35 - 001002952 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll 2018-03-13 21:21 - 2018-02-08 23:35 - 000892872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll 2018-03-13 21:21 - 2018-02-08 23:35 - 000065992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll 2018-03-13 21:21 - 2018-02-01 23:36 - 003903944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2018-03-13 21:21 - 2018-02-01 23:36 - 000921032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2018-03-13 21:21 - 2018-02-01 23:36 - 000854976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2018-03-13 21:21 - 2018-02-01 23:36 - 000649672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2018-03-13 21:21 - 2018-02-01 23:36 - 000054720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2018-03-13 21:21 - 2018-01-01 08:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll 2018-03-13 21:21 - 2018-01-01 08:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2018-03-13 21:21 - 2018-01-01 08:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2018-03-13 21:21 - 2018-01-01 08:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2018-03-13 21:21 - 2018-01-01 08:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2018-03-13 21:21 - 2018-01-01 08:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2018-03-13 21:21 - 2018-01-01 08:48 - 000382360 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2018-03-13 21:21 - 2018-01-01 08:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-03-13 21:21 - 2018-01-01 08:46 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-03-13 21:21 - 2018-01-01 08:45 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2018-03-13 21:21 - 2018-01-01 08:43 - 000367336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-03-13 21:21 - 2018-01-01 08:43 - 000062872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys 2018-03-13 21:21 - 2018-01-01 08:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-03-13 21:21 - 2018-01-01 08:41 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-03-13 21:21 - 2018-01-01 08:41 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2018-03-13 21:21 - 2018-01-01 08:39 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-03-13 21:21 - 2018-01-01 08:39 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2018-03-13 21:21 - 2018-01-01 08:39 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 2018-03-13 21:21 - 2018-01-01 08:38 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys 2018-03-13 21:21 - 2018-01-01 08:37 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2018-03-13 21:21 - 2018-01-01 08:36 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2018-03-13 21:21 - 2018-01-01 08:36 - 000113560 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll 2018-03-13 21:21 - 2018-01-01 08:36 - 000057752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys 2018-03-13 21:21 - 2018-01-01 08:34 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-03-13 21:21 - 2018-01-01 08:27 - 000163736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-03-13 21:21 - 2018-01-01 08:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-03-13 21:21 - 2018-01-01 08:26 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2018-03-13 21:21 - 2018-01-01 08:25 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2018-03-13 21:21 - 2018-01-01 08:06 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2018-03-13 21:21 - 2018-01-01 08:03 - 000650328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2018-03-13 21:21 - 2018-01-01 08:03 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-03-13 21:21 - 2018-01-01 08:03 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2018-03-13 21:21 - 2018-01-01 07:49 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-03-13 21:21 - 2018-01-01 07:49 - 000258808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2018-03-13 21:21 - 2018-01-01 07:46 - 000289816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-03-13 21:21 - 2018-01-01 07:45 - 000450928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2018-03-13 21:21 - 2018-01-01 07:42 - 001003152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-03-13 21:21 - 2018-01-01 07:34 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-03-13 21:21 - 2018-01-01 07:25 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2018-03-13 21:21 - 2018-01-01 07:25 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe 2018-03-13 21:21 - 2018-01-01 07:24 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboutSettingsHandlers.dll 2018-03-13 21:21 - 2018-01-01 07:24 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2018-03-13 21:21 - 2018-01-01 07:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2018-03-13 21:21 - 2018-01-01 07:24 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2018-03-13 21:21 - 2018-01-01 07:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2018-03-13 21:21 - 2018-01-01 07:23 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2018-03-13 21:21 - 2018-01-01 07:23 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2018-03-13 21:21 - 2018-01-01 07:23 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys 2018-03-13 21:21 - 2018-01-01 07:23 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2018-03-13 21:21 - 2018-01-01 07:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll 2018-03-13 21:21 - 2018-01-01 07:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2018-03-13 21:21 - 2018-01-01 07:22 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys 2018-03-13 21:21 - 2018-01-01 07:22 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll 2018-03-13 21:21 - 2018-01-01 07:21 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2018-03-13 21:21 - 2018-01-01 07:21 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll 2018-03-13 21:21 - 2018-01-01 07:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2018-03-13 21:21 - 2018-01-01 07:21 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys 2018-03-13 21:21 - 2018-01-01 07:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys 2018-03-13 21:21 - 2018-01-01 07:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys 2018-03-13 21:21 - 2018-01-01 07:21 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2018-03-13 21:21 - 2018-01-01 07:20 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2018-03-13 21:21 - 2018-01-01 07:19 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2018-03-13 21:21 - 2018-01-01 07:19 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2018-03-13 21:21 - 2018-01-01 07:19 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msoert2.dll 2018-03-13 21:21 - 2018-01-01 07:19 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2018-03-13 21:21 - 2018-01-01 07:18 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2018-03-13 21:21 - 2018-01-01 07:18 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2018-03-13 21:21 - 2018-01-01 07:17 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msoert2.dll 2018-03-13 21:21 - 2018-01-01 07:16 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2018-03-13 21:21 - 2018-01-01 07:16 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2018-03-13 21:21 - 2018-01-01 07:16 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2018-03-13 21:21 - 2018-01-01 07:16 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 012687872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 001381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll 2018-03-13 21:21 - 2018-01-01 07:15 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2018-03-13 21:21 - 2018-01-01 07:14 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2018-03-13 21:21 - 2018-01-01 07:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2018-03-13 21:21 - 2018-01-01 07:14 - 000870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2018-03-13 21:21 - 2018-01-01 07:13 - 013657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-03-13 21:21 - 2018-01-01 07:13 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll 2018-03-13 21:21 - 2018-01-01 07:13 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2018-03-13 21:21 - 2018-01-01 07:12 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-03-13 21:21 - 2018-01-01 07:12 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2018-03-13 21:21 - 2018-01-01 07:12 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2018-03-13 21:21 - 2018-01-01 07:12 - 000760320 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2018-03-13 21:21 - 2018-01-01 07:11 - 001955328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll 2018-03-13 21:21 - 2018-01-01 07:11 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-03-13 21:21 - 2018-01-01 07:11 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2018-03-13 21:21 - 2018-01-01 07:11 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2018-03-13 21:21 - 2018-01-01 07:11 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-03-13 21:21 - 2018-01-01 07:10 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-03-13 21:21 - 2018-01-01 07:10 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll 2018-03-13 21:21 - 2018-01-01 07:09 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2018-03-13 21:21 - 2018-01-01 07:08 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2018-03-13 21:21 - 2018-01-01 07:08 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2018-03-13 21:21 - 2018-01-01 07:06 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll 2018-03-13 21:21 - 2018-01-01 07:05 - 002510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2018-03-13 21:21 - 2018-01-01 07:05 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-04-09 18:37 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-04-09 18:37 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-04-09 18:37 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-04-09 18:36 - 2016-09-28 14:11 - 000000000 ____D C:\Users\John\Documents\Outlook Files 2018-04-09 18:36 - 2016-09-16 18:32 - 000000000 ____D C:\ProgramData\NVIDIA 2018-04-09 18:34 - 2018-01-07 18:59 - 000000000 ____D C:\ProgramData\Logishrd 2018-04-09 08:28 - 2018-01-26 02:01 - 001612482 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-04-09 08:25 - 2018-01-26 01:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-04-08 18:51 - 2016-09-26 16:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-04-08 17:12 - 2018-01-26 02:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-04-08 17:12 - 2016-09-16 18:59 - 000026192 _____ (Windows (R) Server 2003 DDK provider) C:\WINDOWS\gdrv.sys 2018-04-08 17:05 - 2017-09-29 04:45 - 020971520 _____ C:\WINDOWS\system32\config\HARDWARE 2018-04-08 17:05 - 2017-09-29 04:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-04-07 11:10 - 2017-09-04 20:00 - 000000000 ____D C:\WINDOWS\pss 2018-04-07 00:02 - 2016-09-16 19:32 - 000000000 ____D C:\Program Files (x86)\Steam 2018-04-06 23:03 - 2017-01-15 21:45 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-04-06 22:14 - 2018-01-26 01:36 - 000000000 ___DC C:\WINDOWS\Panther 2018-04-05 15:46 - 2017-09-29 09:44 - 000000000 ____D C:\WINDOWS\INF 2018-04-05 15:26 - 2017-09-29 04:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-03-31 13:13 - 2016-12-17 12:09 - 000000000 ____D C:\Program Files (x86)\Origin 2018-03-24 17:51 - 2016-12-17 12:05 - 000000000 ____D C:\ProgramData\Origin 2018-03-23 22:48 - 2017-03-15 14:50 - 000000000 ____D C:\Users\John\AppData\Roaming\Mozilla 2018-03-23 22:48 - 2016-09-26 16:38 - 000000000 ____D C:\Users\John\AppData\Roaming\TeamViewer 2018-03-23 22:34 - 2016-09-17 02:23 - 000000000 ____D C:\Users\John\AppData\Local\CrashDumps 2018-03-19 02:59 - 2016-09-16 18:02 - 000000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2018-03-19 02:53 - 2016-09-16 18:01 - 000000000 ____D C:\Program Files (x86)\Google 2018-03-19 01:19 - 2018-01-26 04:55 - 000000000 ____D C:\WINDOWS\system32\msmq 2018-03-19 01:11 - 2018-01-26 02:37 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-03-18 20:22 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\rescache 2018-03-18 19:49 - 2017-04-27 23:26 - 000000400 __RSH C:\ProgramData\ntuser.pol 2018-03-18 19:11 - 2016-09-16 17:48 - 000000000 ____D C:\Users\John\AppData\Local\VirtualStore 2018-03-18 19:03 - 2018-01-26 02:08 - 000000000 ____D C:\Users\John\AppData\Local\Packages 2018-03-18 19:03 - 2016-09-16 18:35 - 000000000 ____D C:\Users\John\AppData\Local\NVIDIA Corporation 2018-03-17 17:29 - 2017-12-30 04:52 - 000000000 ____D C:\Users\John\Desktop\NBG 2018-03-17 17:11 - 2017-09-29 09:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2018-03-17 15:32 - 2016-09-16 18:05 - 000000000 ____D C:\Users\John\AppData\Roaming\IObit 2018-03-17 15:32 - 2009-07-13 23:20 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2018-03-17 15:22 - 2017-04-06 23:01 - 000000000 ____D C:\Users\John\AppData\Local\ElevatedDiagnostics 2018-03-17 15:16 - 2016-10-14 18:45 - 000000000 ____D C:\Users\John\AppData\Roaming\BitTorrent 2018-03-17 15:09 - 2018-01-26 02:08 - 000000000 ___RD C:\Users\John\3D Objects 2018-03-17 15:08 - 2018-01-26 01:59 - 003344928 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\TextInput 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\migwiz 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\Provisioning 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2018-03-17 15:07 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-03-17 15:07 - 2017-09-29 04:45 - 000000000 ____D C:\WINDOWS\system32\Dism 2018-03-17 10:35 - 2017-09-29 09:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-03-17 10:35 - 2016-09-28 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools 2018-03-17 10:35 - 2016-09-28 10:33 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-03-17 10:26 - 2018-01-26 02:26 - 000003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (John) 2018-03-13 21:26 - 2017-09-29 09:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-03-13 21:26 - 2016-10-05 02:03 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-03-13 21:24 - 2017-10-16 04:02 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-03-13 21:24 - 2016-10-05 02:03 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-03-13 21:22 - 2017-09-29 09:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2018-03-13 21:22 - 2017-09-29 09:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-03-11 21:48 - 2017-10-15 15:40 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk ==================== Files in the root of some directories ======= 2017-01-08 01:03 - 2017-01-09 22:04 - 000000600 _____ () C:\Users\John\AppData\Local\PUTTY.RND 2016-12-21 21:33 - 2016-12-21 21:33 - 000001229 _____ () C:\Users\John\AppData\Local\recently-used.xbel 2016-12-31 19:29 - 2018-01-07 04:32 - 000007601 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== 2018-04-07 11:08 - 2018-02-10 02:15 - 001954048 _____ (Microsoft Corporation) C:\Users\John\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-04-06 16:55 ==================== End of FRST.txt ============================
  5. jseoung
    FRST.txt Here you are Addition.txt
  6. jseoung
    RogueKiller V12.12.11.0 (x64) [Apr 3 2018] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 10 (10.0.16299) 64 bits version Started in : Normal mode User : John [Administrator] Started from : E:\RogueKiller_portable64.exe Mode : Scan -- Date : 04/09/2018 08:35:16 (Duration : 00:20:01) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 0 ¤¤¤ ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: SanDisk SD8SN8U128G1122 SCSI Disk Device +++++ --- User --- [MBR] c2e30c2cdd208f59d53f9e80a51f9be1 [BSP] f663d897cb210ebe12d2b30aff559aca : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 121510 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 249061376 | Size: 490 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: TOSHIBA DT01ACA100 +++++ --- User --- [MBR] cfd6f7779bd2d08be8e2d06dd3063572 [BSP] 66ac01e4512b41edd7cffd352b22ba9d : Empty|VT.Unknown MBR Code Partition table: 0 - Basic data partition | Offset (sectors): 2048 | Size: 953868 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive2: SanDisk Cruzer Fit USB Device +++++ --- User --- [MBR] d81dba5f2d4b30c9fc94cf18b294d306 [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code Partition table: 0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 32 | Size: 15263 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. )
  7. jseoung
    # AdwCleaner 7.0.8.0 - Logfile created on Mon Apr 09 12:28:49 2018 # Updated on 2018/08/02 by Malwarebytes # Database: 2018-04-09.1 # Running on Windows 10 Pro (X64) # Mode: scan # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries. ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [2011 B] - [2018/4/7 15:3:40] C:/AdwCleaner/AdwCleaner[S0].txt - [1705 B] - [2018/4/7 15:3:9] C:/AdwCleaner/AdwCleaner[S1].txt - [1075 B] - [2018/4/7 20:2:3] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########
  8. jseoung
    Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/8/18 Scan Time: 5:51 PM Log File: 02e429d0-3b77-11e8-8f81-1c1b0d0280a6.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.4660 License: Free -System Information- OS: Windows 10 (Build 16299.309) CPU: x64 File System: NTFS User: John-PC\John -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 345757 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 0 min, 53 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 PUP.Optional.CityPageToday, C:\USERS\JOHN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [260], [480530],1.0.4660 Physical Sector: 0 (No malicious items detected) (end)
  9. jseoung
    Please see attachment. FRST.txt
  10. jseoung
    Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018 Ran by John (08-04-2018 16:54:28) Run:5 Running from E:\ Loaded Profiles: John (Available Profiles: John & Admin) Boot Mode: Normal ============================================== fixlist content: ***************** CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes CMD: bcdedit.exe /set {default} recoveryenabled yes ***************** ========= bcdedit.exe /set {bootmgr} displaybootmenu yes ========= The operation completed successfully. ========= End of CMD: ========= ========= bcdedit.exe /set {default} recoveryenabled yes ========= The operation completed successfully. ========= End of CMD: ========= ==== End of Fixlog 16:54:28 ====
  11. jseoung
    I have a window process manager item running and I can't get rid of it. FRST.txtAddition.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.