Infected with igfxmtc.exe

[Ebaez12]

I recently downloaded a file and it happened to have igfxmtc in it. I can’t seem to uninstall the exe. Please help. I have all the programs you guys have mentioned already installed. I just need some technical support. Thanks. 

[kevinf80]

Hello Ebaez12 and welcome to Malwararebytes,

The file you mention is indicative of "smartservice" infection, that infection does come in different versions, the latest being very difficult to remove.... Do you have a USB flash drive (memory stick) 4 GB or above. Do you also have access to another PC....

For now run the following and if possible post the produced logs:

Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status...   Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Next, Download PowerTool and save to your Desktop, ensure to get the correct version: PowerTool for 64-bit systems >> https://malwarebytes.box.com/s/vnp2jdko58ww33bxabbm8zu9764u0tlh PowerTool for 32-bit systems >> https://malwarebytes.box.com/s/f0bsa1nuzjv994neyzbtrti1au0s98yx Please follow the instructions below: Right click on PowerTool, Select "Run as Administrator" Windows 8/8.1/10 users may see the following, if so select "More Info" In the next Window select "Run Anyway" Initially click on sq image to enlarge window to full screen (As shown in the image below) Now click on Kernel tab (No. 1 on the image below) Then click on Kernel Notify Routine (No. 2 on the image below) Also click on Path so you sort the list by name (No. 3 on the image below) Right click anywhere on listed items under path (No. 4 on the image above) and select Export. Save exported file to your Desktop, zip up that file and attach to your reply.... Thank you, Kevin......

[Ebaez12]

OK Heres the log files: 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2017
Ran by Erick L Jefe (administrator) on DESKTOP-2CK7GDG (06-12-2017 08:19:08)
Running from C:\Users\Erick L Jefe\Downloads
Loaded Profiles: Erick L Jefe (Available Profiles: Erick L Jefe)
Platform: Windows 10 Pro Version 1709 16299.98 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TOSHIBA CORPORATION) C:\Windows\System32\vsduzlasvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) E:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.9.604.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8730.21155.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\avbdkte.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8730.21155.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
(Corsair Components, Inc.) C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Navigraph) E:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(Navigraph) E:\Program Files (x86)\Navigraph\Simlink\NavigraphSimlink.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(MSI) C:\Windows\SysWOW64\muachost.exe
() C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
(Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegister.exe
() C:\Program Files (x86)\Anvsoft\Syncios\androidnotifier.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe
() C:\Program Files (x86)\Anvsoft\Syncios\adb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe
() C:\Users\Erick L Jefe\AppData\Local\igfxmtc\igfxmtc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
() C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-20] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [64000 2007-07-17] (ArcSoft)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-07-21] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Navigraph FMS Data Manager] => E:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe [992360 2017-12-01] (Navigraph)
HKLM-x32\...\Run: [Navigraph Simlink] => E:\Program Files (x86)\Navigraph\Simlink\NavigraphSimlink.exe [736360 2017-11-29] (Navigraph)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1910424 2017-06-06] ()
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26107576 2017-11-01] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1262544 2017-07-11] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe [20369616 2017-10-11] (Corsair Components, Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-07-21] (Seagate Technology LLC)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2017-10-19] (Apple Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27092152 2017-10-31] (Corsair Components, Inc.)
HKU\S-1-5-21-3728291697-3449938618-998988-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Fliqlo.scr [679936 2017-11-08] (ScreenTime Media)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-10-31]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-11-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7796ec46-a7b5-4537-9d55-b6135ff0ac52}: [DhcpNameServer] 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-3728291697-3449938618-998988-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-16] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-20] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.11.2.7\coIEPlg.dll [2017-11-10] (Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-30] (Microsoft Corporation)

Edge:
======
Edge Session Restore: HKU\S-1-5-21-3728291697-3449938618-998988-1001 -> is enabled.

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-19] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-22] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3301020&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP57AFB4C0-255B-4923-BF80-8524349D436B"
CHR Profile: C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default [2017-12-06]
CHR Extension: (Slides) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-30]
CHR Extension: (Docs) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-30]
CHR Extension: (Google Drive) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-30]
CHR Extension: (YouTube) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-30]
CHR Extension: (Norton Security Toolbar) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-12-06]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2017-10-30]
CHR Extension: (Sheets) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-30]
CHR Extension: (Google Docs Offline) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-06]
CHR Extension: (Norton Identity Safe) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-12-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-30]
CHR Extension: (All in ONE Sneaker Site Bot) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ominpiohhaicdnnjggjjnnoaoocppheh [2017-10-30]
CHR Extension: (Visualping) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2017-10-30]
CHR Extension: (Gmail) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\Erick L Jefe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-06]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.11.2.7\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8063664 2017-11-22] (Microsoft Corporation)
R3 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [32952 2017-10-31] (Corsair Components, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2017-05-19] (Futuremark)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [48824 2017-10-26] (Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2021048 2017-11-01] (Micro-Star INT'L CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-06-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-05] (Intel Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [128976 2017-07-11] (Micro-Star INT'L CO., LTD.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83616 2017-09-11] (Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2304696 2017-11-01] (Micro-Star INT'L CO., LTD.)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [30904 2017-09-07] (Micro-Star Int'l Co., Ltd.)
R2 NS; C:\Program Files\Norton Security\Engine\22.11.2.7\NS.exe [326144 2017-11-10] (Symantec Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-15] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-15] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-11-22] (Electronic Arts)
R2 Origin Web Helper Service; E:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-11-22] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-09-08] (CyberLink)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-07-21] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-07-21] (Seagate Technology LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-07-21] (Intel(R) Corporation)
S2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 adlckhg; C:\WINDOWS\System32\drivers\iwyewykp.sys [79064 2017-12-06] (Malwarebytes)
S4 angmjuop; C:\WINDOWS\System32\drivers\wciknp.sys [79064 2017-12-06] (Malwarebytes)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-05-08] ()
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\BASHDefs\20171204.003\BHDrvx64.sys [1872024 2017-12-04] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\ccSetx64.sys [187544 2017-11-10] (Symantec Corporation)
S4 civad; C:\WINDOWS\System32\drivers\tsdbxb.sys [79064 2017-12-06] (Malwarebytes)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-07-31] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-07-31] (Corsair)
R3 cpuz144; C:\WINDOWS\temp\cpuz144\cpuz144_x64.sys [48984 2017-12-06] (CPUID)
S4 duhmq; C:\WINDOWS\System32\drivers\mrifji.sys [79064 2017-12-06] (Malwarebytes)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-12-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-12-05] (Symantec Corporation)
S4 ghxptqy; C:\WINDOWS\System32\drivers\twbx.sys [79064 2017-12-06] (Malwarebytes)
S4 hhhqkx; C:\WINDOWS\System32\drivers\cxfd.sys [79064 2017-12-06] (Malwarebytes)
R3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.11.2.7\Definitions\IPSDefs\20171205.001\IDSvia64.sys [1056920 2017-12-05] (Symantec Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37880 2017-05-10] (Intel Corporation)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-10] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-27] (NVIDIA Corporation)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R1 SRTSP; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSP64.SYS [812696 2017-11-10] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SRTSPX64.SYS [49304 2017-11-10] (Symantec Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46408 2017-06-01] (SteelSeries ApS)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SYMEFASI64.SYS [1938584 2017-11-10] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160B020.007\SymELAM.sys [24608 2017-11-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102600 2017-12-06] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B020.007\Ironx64.SYS [309984 2017-11-10] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\system32\drivers\NSx64\160B020.007\SYMNETS.SYS [566936 2017-11-10] (Symantec Corporation)
S4 ubgaqv; C:\WINDOWS\System32\drivers\bhffm.sys [79064 2017-12-06] (Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S1 avpjliyf; \??\C:\WINDOWS\system32\drivers\avpjliyf.sys [X]
S4 SMR501; \SystemRoot\System32\drivers\SMR501.SYS [X]
R3 udiskMgr; system32\drivers\ruybeh.sys [X]
S1 yaiadiua; \??\C:\WINDOWS\system32\drivers\yaiadiua.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-06 08:19 - 2017-12-06 08:19 - 000027672 _____ C:\Users\Erick L Jefe\Downloads\FRST.txt
2017-12-06 08:17 - 2017-12-06 08:17 - 009440768 _____ C:\Users\Erick L Jefe\Downloads\PowerTool64.exe
2017-12-06 03:55 - 2017-12-06 03:55 - 000142136 ____N C:\WINDOWS\system32\Drivers\exbnruxb.sys
2017-12-06 03:55 - 2017-12-06 03:55 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\bhffm.sys
2017-12-06 03:55 - 2017-12-06 03:55 - 000000288 _____ C:\WINDOWS\Tasks\cpmeay
2017-12-06 03:46 - 2017-12-06 03:47 - 000002354 _____ C:\Users\Erick L Jefe\Desktop\Rkill.txt
2017-12-06 03:46 - 2017-12-06 03:46 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\twbx.sys
2017-12-06 03:45 - 2017-12-06 03:45 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Erick L Jefe\Downloads\rkill_2.9.1.0.exe
2017-12-06 03:39 - 2017-12-06 03:50 - 000000000 ____D C:\AdwCleaner
2017-12-06 03:38 - 2017-12-06 03:38 - 008187336 _____ (Malwarebytes) C:\Users\Erick L Jefe\Downloads\adwcleaner_7.0.5.0.exe
2017-12-06 03:33 - 2017-12-06 03:33 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\wciknp.sys
2017-12-06 03:28 - 2017-12-06 08:19 - 000000000 ____D C:\FRST
2017-12-06 03:27 - 2017-12-06 03:27 - 002391552 _____ (Farbar) C:\Users\Erick L Jefe\Downloads\FRST64.exe
2017-12-06 03:21 - 2017-12-06 03:21 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\cxfd.sys
2017-12-06 03:15 - 2017-12-06 03:15 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\iwyewykp.sys
2017-12-06 03:06 - 2017-12-06 03:06 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mrifji.sys
2017-12-06 03:04 - 2017-12-06 03:43 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\CrashDumps
2017-12-06 03:01 - 2017-12-06 03:01 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\tsdbxb.sys
2017-12-06 02:53 - 2017-12-06 02:53 - 000000880 _____ C:\WINDOWS\system32\Drivers\etc\hosts.txt
2017-12-06 02:42 - 2017-12-06 02:42 - 000842924 _____ C:\WINDOWS\Minidump\120617-7984-01.dmp
2017-12-06 02:39 - 2017-12-06 03:52 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-12-06 02:39 - 2017-12-06 03:48 - 001535430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-06 02:38 - 2017-12-06 02:38 - 000001167 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-12-06 02:38 - 2017-12-06 02:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-12-06 02:38 - 2017-12-06 02:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-06 02:38 - 2017-12-06 02:38 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-12-06 02:38 - 2016-03-10 14:09 - 000065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2017-12-06 02:38 - 2016-03-10 14:08 - 000140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-12-06 02:38 - 2016-03-10 14:08 - 000027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-12-06 02:26 - 2017-12-06 03:20 - 000002142 _____ C:\Users\Erick L Jefe\Desktop\Process Hacker 2.lnk
2017-12-06 02:26 - 2017-12-06 02:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2017-12-06 02:26 - 2017-12-06 02:29 - 000000000 ____D C:\Program Files\Process Hacker 2
2017-12-06 01:02 - 2017-12-06 01:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-12-06 00:34 - 2017-12-06 03:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-12-06 00:34 - 2017-12-06 00:34 - 000102600 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-12-06 00:34 - 2017-12-06 00:34 - 000008471 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-12-06 00:34 - 2017-12-06 00:34 - 000003374 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-12-06 00:34 - 2017-12-06 00:34 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2017-12-06 00:33 - 2017-12-06 00:33 - 000002206 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-12-06 00:33 - 2017-12-06 00:33 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-12-06 00:33 - 2017-12-06 00:33 - 000000000 ____D C:\Program Files\Norton Security
2017-12-06 00:32 - 2017-12-06 02:42 - 1716453562 _____ C:\WINDOWS\MEMORY.DMP
2017-12-06 00:32 - 2017-12-06 02:42 - 000000000 ____D C:\WINDOWS\Minidump
2017-12-06 00:32 - 2017-12-06 00:32 - 000842948 _____ C:\WINDOWS\Minidump\120617-10156-01.dmp
2017-12-06 00:28 - 2017-12-06 02:41 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\Azureus
2017-12-05 23:43 - 2017-12-06 02:12 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\NPE
2017-12-05 23:43 - 2017-12-05 23:57 - 000023338 _____ C:\WINDOWS\system32\Drivers\SMR501.dat
2017-12-05 23:40 - 2017-12-06 00:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-12-05 23:40 - 2017-12-06 00:33 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2017-12-05 23:27 - 2017-12-06 03:53 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\excalwb
2017-12-05 22:48 - 2017-12-06 08:16 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\avbdkte
2017-12-05 22:48 - 2017-12-05 23:27 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\igfxmtc
2017-12-05 22:47 - 2017-12-05 22:47 - 000140800 _____ C:\Users\Erick L Jefe\AppData\Local\installer.dat
2017-12-05 22:47 - 2017-12-05 22:47 - 000016894 _____ C:\WINDOWS\System32\Tasks\Maestro MOBILITY PC Camera
2017-12-05 22:47 - 2017-12-05 22:47 - 000001291 _____ C:\Users\Erick L Jefe\Desktop\Google Chrome.lnk
2017-12-05 22:46 - 2017-12-06 03:56 - 002884096 _____ (TOSHIBA CORPORATION) C:\WINDOWS\system32\vsduzlasvc.exe
2017-12-05 22:46 - 2017-12-05 22:46 - 000001367 ___RS C:\Users\Public\Desktop\Аеrоsоft Lаuncher.lnk
2017-12-05 22:46 - 2017-12-05 22:46 - 000001345 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Chrоme.lnk
2017-12-05 22:46 - 2017-12-05 22:46 - 000001315 ___RS C:\Users\Public\Desktop\Gооglе Chrоme.lnk
2017-12-05 22:46 - 2017-12-05 22:46 - 000000000 ____D C:\WINDOWS\SysWOW64\csdkhlw
2017-12-05 22:46 - 2017-12-05 22:46 - 000000000 ____D C:\WINDOWS\system32\csdkhlw
2017-12-05 15:30 - 2017-12-05 15:30 - 000002134 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2017-12-05 05:06 - 2017-12-05 05:06 - 000037157 _____ C:\WINDOWS\uninstaller.dat
2017-12-04 20:07 - 2017-12-04 20:07 - 000001199 _____ C:\Users\Public\Desktop\Corsair Utility Engine.lnk
2017-12-04 20:07 - 2017-12-04 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-12-04 20:05 - 2017-12-04 20:05 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-12-04 20:05 - 2017-11-27 19:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-12-04 20:05 - 2017-09-13 18:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-12-04 20:05 - 2017-09-13 18:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-12-04 20:05 - 2017-09-13 18:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-04 20:05 - 2017-09-13 18:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-04 20:03 - 2017-12-04 20:03 - 000000000 ____D C:\Program Files (x86)\Corsair
2017-12-03 21:29 - 2017-12-03 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2018
2017-12-03 21:27 - 2017-12-03 21:27 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\Obsidium
2017-12-03 18:26 - 2017-12-03 18:26 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-12-03 18:25 - 2017-11-27 20:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001331016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-12-03 18:25 - 2017-11-27 20:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-12-03 01:01 - 2017-12-03 01:01 - 000001045 _____ C:\Users\Public\Desktop\Cielosim - Jacksonville - User Guide.lnk
2017-12-02 01:41 - 2017-11-26 15:35 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-02 01:41 - 2017-11-26 15:32 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-02 01:41 - 2017-11-26 15:15 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-02 01:41 - 2017-11-26 15:15 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-02 01:41 - 2017-11-26 11:43 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-02 01:41 - 2017-11-26 08:48 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-02 01:41 - 2017-11-26 08:47 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-02 01:41 - 2017-11-26 08:45 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-02 01:41 - 2017-11-26 08:45 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-02 01:41 - 2017-11-26 08:45 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-02 01:41 - 2017-11-26 08:45 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-02 01:41 - 2017-11-26 08:45 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-02 01:41 - 2017-11-26 08:41 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-02 01:41 - 2017-11-26 08:38 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-02 01:41 - 2017-11-26 08:37 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-02 01:41 - 2017-11-26 08:35 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-02 01:41 - 2017-11-26 08:35 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-02 01:41 - 2017-11-26 08:33 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-02 01:41 - 2017-11-26 08:33 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-02 01:41 - 2017-11-26 08:33 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-02 01:41 - 2017-11-26 08:33 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-02 01:41 - 2017-11-26 08:33 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-02 01:41 - 2017-11-26 08:33 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-02 01:41 - 2017-11-26 08:33 - 000166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-02 01:41 - 2017-11-26 08:32 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-02 01:41 - 2017-11-26 08:32 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-02 01:41 - 2017-11-26 08:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-02 01:41 - 2017-11-26 08:32 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-02 01:41 - 2017-11-26 08:31 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-02 01:41 - 2017-11-26 08:31 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-02 01:41 - 2017-11-26 08:31 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-02 01:41 - 2017-11-26 08:30 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-02 01:41 - 2017-11-26 08:29 - 003903272 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-02 01:41 - 2017-11-26 08:29 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-02 01:41 - 2017-11-26 08:29 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-02 01:41 - 2017-11-26 08:29 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-02 01:41 - 2017-11-26 08:29 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-02 01:41 - 2017-11-26 08:29 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-02 01:41 - 2017-11-26 08:29 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-02 01:41 - 2017-11-26 08:29 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-02 01:41 - 2017-11-26 08:28 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-02 01:41 - 2017-11-26 08:28 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-02 01:41 - 2017-11-26 08:28 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-02 01:41 - 2017-11-26 08:28 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-02 01:41 - 2017-11-26 08:28 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-02 01:41 - 2017-11-26 08:28 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-02 01:41 - 2017-11-26 08:28 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-02 01:41 - 2017-11-26 08:27 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-02 01:41 - 2017-11-26 08:27 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-02 01:41 - 2017-11-26 08:27 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-02 01:41 - 2017-11-26 08:27 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-02 01:41 - 2017-11-26 08:27 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-02 01:41 - 2017-11-26 08:27 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-02 01:41 - 2017-11-26 08:26 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-02 01:41 - 2017-11-26 08:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-02 01:41 - 2017-11-26 08:25 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-02 01:41 - 2017-11-26 08:24 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 007386664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 001426160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-02 01:41 - 2017-11-26 08:23 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-02 01:41 - 2017-11-26 08:23 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-02 01:41 - 2017-11-26 08:22 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-12-02 01:41 - 2017-11-26 08:21 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 000669592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-02 01:41 - 2017-11-26 08:21 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-12-02 01:41 - 2017-11-26 08:20 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-02 01:41 - 2017-11-26 08:20 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-02 01:41 - 2017-11-26 07:57 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-02 01:41 - 2017-11-26 07:55 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-02 01:41 - 2017-11-26 07:55 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-02 01:41 - 2017-11-26 07:55 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-02 01:41 - 2017-11-26 07:55 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-02 01:41 - 2017-11-26 07:55 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-02 01:41 - 2017-11-26 07:55 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-02 01:41 - 2017-11-26 07:55 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-02 01:41 - 2017-11-26 07:55 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-02 01:41 - 2017-11-26 07:54 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-02 01:41 - 2017-11-26 07:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-02 01:41 - 2017-11-26 07:48 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-02 01:41 - 2017-11-26 07:47 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-02 01:41 - 2017-11-26 07:43 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-02 01:41 - 2017-11-26 07:36 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-02 01:41 - 2017-11-26 07:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-02 01:41 - 2017-11-26 07:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-02 01:41 - 2017-11-26 07:36 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-02 01:41 - 2017-11-26 07:35 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-02 01:41 - 2017-11-26 07:35 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-02 01:41 - 2017-11-26 07:34 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-02 01:41 - 2017-11-26 07:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-02 01:41 - 2017-11-26 07:31 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-02 01:41 - 2017-11-26 07:31 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-02 01:41 - 2017-11-26 07:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-02 01:41 - 2017-11-26 07:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-02 01:41 - 2017-11-26 07:29 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-02 01:41 - 2017-11-26 07:29 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-02 01:41 - 2017-11-26 07:29 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-02 01:41 - 2017-11-26 07:29 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-02 01:41 - 2017-11-26 07:29 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-02 01:41 - 2017-11-26 07:29 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-02 01:41 - 2017-11-26 07:28 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-02 01:41 - 2017-11-26 07:26 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-02 01:41 - 2017-11-26 07:26 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-02 01:41 - 2017-11-26 07:26 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-02 01:41 - 2017-11-26 07:26 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 025247744 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-02 01:41 - 2017-11-26 07:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-02 01:41 - 2017-11-26 07:23 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-02 01:41 - 2017-11-26 07:22 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-02 01:41 - 2017-11-26 07:21 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-02 01:41 - 2017-11-26 07:19 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-02 01:41 - 2017-11-26 07:19 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-02 01:41 - 2017-11-26 07:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-02 01:41 - 2017-11-26 07:18 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-02 01:41 - 2017-11-26 07:18 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-02 01:41 - 2017-11-26 07:18 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-02 01:41 - 2017-11-26 07:17 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-02 01:41 - 2017-11-26 07:17 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-02 01:41 - 2017-11-26 07:17 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-02 01:41 - 2017-11-26 07:08 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-02 01:41 - 2017-11-26 07:06 - 023659008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-02 01:41 - 2017-11-26 07:06 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-02 01:41 - 2017-11-26 07:06 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-02 01:41 - 2017-11-26 07:05 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-02 01:41 - 2017-11-26 07:04 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-02 01:41 - 2017-11-26 07:04 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-02 01:41 - 2017-11-26 07:04 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-02 01:41 - 2017-11-26 07:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-02 01:41 - 2017-11-26 07:03 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-02 01:41 - 2017-11-26 07:03 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-02 01:41 - 2017-11-26 07:03 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-02 01:41 - 2017-11-26 07:01 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-02 01:41 - 2017-11-26 07:00 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-02 01:41 - 2017-11-26 07:00 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-02 01:41 - 2017-11-26 06:59 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-02 01:41 - 2017-11-26 06:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-02 01:41 - 2017-11-26 06:59 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-02 01:41 - 2017-11-26 06:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-02 01:41 - 2017-11-26 06:58 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-02 01:41 - 2017-11-26 06:58 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-02 01:41 - 2017-11-26 06:55 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-02 01:41 - 2017-11-26 06:48 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-02 01:41 - 2017-11-26 06:48 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-02 01:41 - 2017-11-26 06:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-02 01:41 - 2017-11-26 06:21 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-02 01:41 - 2017-11-26 06:21 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-02 01:41 - 2017-11-26 06:20 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-02 01:41 - 2017-11-26 06:12 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-02 01:41 - 2017-11-26 06:04 - 001145112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-02 01:41 - 2017-11-26 06:04 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-02 01:41 - 2017-11-26 06:02 - 003484848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-02 01:41 - 2017-11-26 06:02 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-02 01:41 - 2017-11-26 06:01 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-02 01:41 - 2017-11-26 06:01 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-02 01:41 - 2017-11-26 06:01 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-02 01:41 - 2017-11-26 06:01 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-02 01:41 - 2017-11-26 06:01 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-02 01:41 - 2017-11-26 06:01 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-02 01:41 - 2017-11-26 06:01 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-02 01:41 - 2017-11-26 06:00 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-02 01:41 - 2017-11-26 06:00 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-02 01:41 - 2017-11-26 06:00 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-02 01:41 - 2017-11-26 05:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-02 01:41 - 2017-11-26 05:58 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-02 01:41 - 2017-11-26 05:58 - 006483176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-02 01:41 - 2017-11-26 05:58 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-02 01:41 - 2017-11-26 05:58 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-02 01:41 - 2017-11-26 05:58 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-02 01:41 - 2017-11-26 05:58 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-02 01:41 - 2017-11-26 05:57 - 001490840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-12-02 01:41 - 2017-11-26 05:51 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-02 01:41 - 2017-11-26 05:51 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-02 01:41 - 2017-11-26 05:41 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-02 01:41 - 2017-11-26 05:41 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-02 01:41 - 2017-11-26 05:41 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-02 01:41 - 2017-11-26 05:41 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-02 01:41 - 2017-11-26 05:41 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-02 01:41 - 2017-11-26 05:41 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-02 01:41 - 2017-11-26 05:41 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-02 01:41 - 2017-11-26 05:40 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-02 01:41 - 2017-11-26 05:38 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-02 01:41 - 2017-11-26 05:37 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-02 01:41 - 2017-11-26 05:36 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-02 01:41 - 2017-11-26 05:36 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-02 01:41 - 2017-11-26 05:36 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-02 01:41 - 2017-11-26 05:36 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-02 01:41 - 2017-11-26 05:36 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-02 01:41 - 2017-11-26 05:35 - 018915840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-02 01:41 - 2017-11-26 05:35 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-02 01:41 - 2017-11-26 05:35 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-02 01:41 - 2017-11-26 05:35 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-02 01:41 - 2017-11-26 05:35 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-02 01:41 - 2017-11-26 05:34 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-02 01:41 - 2017-11-26 05:34 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-02 01:41 - 2017-11-26 05:34 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-02 01:41 - 2017-11-26 05:32 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-02 01:41 - 2017-11-26 05:31 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-02 01:41 - 2017-11-26 05:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-02 01:41 - 2017-11-26 05:30 - 006036480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-02 01:41 - 2017-11-26 05:30 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-02 01:41 - 2017-11-26 05:30 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-02 01:41 - 2017-11-26 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-02 01:41 - 2017-11-26 05:30 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-02 01:41 - 2017-11-26 05:29 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-02 01:41 - 2017-11-26 05:29 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-02 01:41 - 2017-11-26 05:29 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-02 01:41 - 2017-11-26 05:29 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-02 01:41 - 2017-11-26 05:28 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-02 01:41 - 2017-11-26 05:27 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-02 01:41 - 2017-11-26 05:24 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-02 01:41 - 2017-11-26 05:24 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-02 01:41 - 2017-11-19 02:35 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-02 01:41 - 2017-11-18 21:20 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-28 17:37 - 2017-11-28 17:37 - 000003190 _____ C:\WINDOWS\System32\Tasks\MSIGH_Host
2017-11-28 17:37 - 2017-11-28 17:37 - 000003132 _____ C:\WINDOWS\System32\Tasks\MSIOSDx86_Host
2017-11-28 17:37 - 2017-11-28 17:37 - 000003132 _____ C:\WINDOWS\System32\Tasks\MSIOSDx64_Host
2017-11-28 17:37 - 2017-11-28 17:37 - 000001122 _____ C:\Users\Public\Desktop\MSI Gaming APP.lnk
2017-11-24 17:02 - 2017-11-24 17:04 - 000040764 _____ C:\WINDOWS\LatinVFR San Juan TJSJ P3Dv4 Setup Log.txt
2017-11-24 16:33 - 2017-11-24 16:33 - 000000985 _____ C:\Users\Erick L Jefe\Desktop\SceneryConfigEditor v1.1.9.lnk
2017-11-24 16:33 - 2017-11-24 16:33 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SceneryConfigEditor
2017-11-24 16:33 - 2017-11-24 16:33 - 000000000 ____D C:\Program Files\SceneryConfigEditor
2017-11-24 15:37 - 2017-11-24 15:38 - 000001399 _____ C:\WINDOWS\LatinVFR Miami Int'l KMIA P3dv4 Setup Log.txt
2017-11-23 16:14 - 2017-10-25 04:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-23 16:14 - 2017-10-25 03:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-23 16:14 - 2017-10-24 23:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-23 16:14 - 2017-10-24 23:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-23 16:14 - 2017-10-24 23:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-23 16:14 - 2017-10-24 23:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-23 16:14 - 2017-10-24 23:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-23 16:14 - 2017-10-24 23:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-23 16:14 - 2017-10-24 23:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-23 16:14 - 2017-10-24 23:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-23 16:14 - 2017-10-24 23:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-23 16:14 - 2017-10-24 23:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-23 16:14 - 2017-10-24 23:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-23 16:14 - 2017-10-24 23:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-23 16:14 - 2017-10-24 23:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-23 16:14 - 2017-10-24 23:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-23 16:14 - 2017-10-24 23:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-23 16:14 - 2017-10-24 23:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-23 16:14 - 2017-10-24 23:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-23 16:14 - 2017-10-24 23:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-23 16:14 - 2017-10-24 23:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-23 16:14 - 2017-10-24 22:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-23 16:14 - 2017-10-24 22:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-23 16:14 - 2017-10-24 22:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-23 16:14 - 2017-10-24 22:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-23 16:14 - 2017-10-24 22:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-23 16:14 - 2017-10-24 22:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-23 16:14 - 2017-10-24 22:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-23 16:14 - 2017-10-24 22:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-23 16:14 - 2017-10-24 22:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-23 16:14 - 2017-10-24 22:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-23 16:14 - 2017-10-24 22:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-23 16:14 - 2017-10-24 22:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-23 16:14 - 2017-10-24 22:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-23 16:14 - 2017-10-24 22:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-23 16:14 - 2017-10-24 22:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-23 16:14 - 2017-10-24 22:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-23 16:14 - 2017-10-24 22:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-23 16:14 - 2017-10-24 22:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-23 16:14 - 2017-10-24 22:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-23 16:14 - 2017-10-24 22:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-23 16:14 - 2017-10-24 22:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-23 16:14 - 2017-10-24 22:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-23 16:14 - 2017-10-24 22:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-23 16:14 - 2017-10-24 22:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-23 16:14 - 2017-10-24 22:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-23 16:14 - 2017-10-24 22:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-23 16:14 - 2017-10-24 22:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-23 16:14 - 2017-10-24 22:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-23 16:14 - 2017-10-24 22:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-23 16:14 - 2017-10-24 22:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-23 16:14 - 2017-10-24 22:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-23 16:14 - 2017-10-24 22:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-23 16:14 - 2017-10-24 22:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-23 16:14 - 2017-10-24 22:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-23 16:14 - 2017-10-24 22:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-23 16:14 - 2017-10-24 22:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-23 16:14 - 2017-10-24 22:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-23 16:14 - 2017-10-24 22:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-23 16:14 - 2017-10-24 21:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-23 16:14 - 2017-10-24 21:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-23 16:14 - 2017-10-24 21:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-23 16:14 - 2017-10-24 21:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-23 16:14 - 2017-10-24 21:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-23 16:14 - 2017-10-20 00:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-19 21:36 - 2017-11-20 05:40 - 000291231 _____ C:\Users\Erick L Jefe\Documents\Desendants Isabella Bday.pptx
2017-11-18 23:49 - 2017-11-18 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft - Mega Airport Oslo 2.0 - PREPAR3D V4.x
2017-11-18 21:48 - 2017-11-18 21:48 - 000000916 _____ C:\Users\Erick L Jefe\Desktop\Vuze Downloads - Shortcut.lnk
2017-11-17 20:24 - 2017-12-06 00:13 - 000000600 _____ C:\WINDOWS\SysWOW64\1712
2017-11-16 10:01 - 2017-11-27 20:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-11-16 10:01 - 2017-11-14 17:48 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438831.dll
2017-11-16 10:01 - 2017-11-14 17:48 - 001673664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438831.dll
2017-11-15 22:59 - 2017-11-15 22:59 - 000403785 _____ C:\Users\Erick L Jefe\Downloads\airplane window1.dzp
2017-11-15 22:54 - 2017-11-15 22:54 - 000470303 _____ C:\Users\Erick L Jefe\Downloads\airplane window.dzp
2017-11-15 18:40 - 2017-12-06 00:35 - 000000000 ____D C:\Program Files (x86)\CorsairLink4
2017-11-15 18:40 - 2017-11-15 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corsair LINK 4
2017-11-12 22:02 - 2017-11-12 22:02 - 000236140 _____ C:\Users\Erick L Jefe\Downloads\MagDec_Update.zip
2017-11-12 22:02 - 2017-11-12 22:02 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\MagDec_Update
2017-11-12 21:17 - 2017-11-12 21:17 - 000000771 _____ C:\Users\Erick L Jefe\Desktop\PRO-ATC-X.lnk
2017-11-12 21:17 - 2017-11-12 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PRO-ATC-X
2017-11-12 00:45 - 2017-11-12 00:45 - 000000000 ____D C:\ProgramData\FlightSimLabs
2017-11-12 00:39 - 2017-11-12 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlightSimLabs, Ltd
2017-11-12 00:28 - 2017-11-12 00:28 - 000000000 ____D C:\Program Files (x86)\FlightSimLabs
2017-11-12 00:18 - 2017-11-12 00:18 - 000000000 ____D C:\Users\Public\Documents\FSLabs Data
2017-11-08 17:19 - 2017-11-08 17:19 - 000027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2017-11-08 17:04 - 2017-11-08 17:04 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\_updated__stepris_v1_3_for_rainmeter_by_t_projects-d8cxv8v
2017-11-08 17:00 - 2017-11-08 17:30 - 000071576 ____N C:\Users\Erick L Jefe\Downloads\RMSKIN.bmp
2017-11-08 17:00 - 2017-11-08 17:30 - 000000167 ____N C:\Users\Erick L Jefe\Downloads\RMSKIN.ini
2017-11-08 17:00 - 2017-11-08 17:30 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\Skins
2017-11-08 17:00 - 2017-11-08 17:00 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\Layouts
2017-11-08 16:59 - 2017-11-08 16:59 - 001680871 _____ C:\Users\Erick L Jefe\Downloads\_updated__stepris_v1_3_for_rainmeter_by_t_projects-d8cxv8v.zip
2017-11-08 16:58 - 2017-11-08 16:58 - 000152677 _____ C:\Users\Erick L Jefe\Downloads\nowmusic_by_mistrjosh-da5vpc8.rmskin
2017-11-08 16:51 - 2017-11-08 16:51 - 001889360 _____ C:\Users\Erick L Jefe\Downloads\hexa_weather__rainmeter__by_dberm22-d4ubpxe.zip
2017-11-08 16:51 - 2017-11-08 16:51 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\hexa_weather__rainmeter__by_dberm22-d4ubpxe
2017-11-08 16:40 - 2017-11-08 16:40 - 006637320 _____ C:\Users\Erick L Jefe\Downloads\jsmeterviii_8_0_by_jsmorley-day98oj.rmskin
2017-11-08 16:23 - 2017-11-08 16:29 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\Rainmeter
2017-11-08 16:23 - 2017-11-08 16:23 - 000001747 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2017-11-08 16:23 - 2017-11-08 16:23 - 000000000 ____D C:\Users\Erick L Jefe\Documents\Rainmeter
2017-11-08 16:23 - 2017-11-08 16:23 - 000000000 ____D C:\Program Files\Rainmeter
2017-11-08 16:22 - 2017-11-08 16:22 - 000679936 ____N (ScreenTime Media) C:\WINDOWS\SysWOW64\Fliqlo.scr
2017-11-08 16:22 - 2017-11-08 16:22 - 000679936 _____ (ScreenTime Media) C:\WINDOWS\system32\Fliqlo.scr
2017-11-08 16:22 - 2017-11-08 16:22 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\Screentime
2017-11-08 16:22 - 2017-11-08 16:22 - 000000000 ____D C:\ProgramData\Screentime
2017-11-08 16:21 - 2017-11-08 16:28 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\Fliqlo 1.3.3
2017-11-08 16:17 - 2017-11-08 16:17 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\PlaceholderTileLogoFolder
2017-11-06 21:41 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-11-06 21:41 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-11-06 21:41 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-11-06 21:41 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-11-06 21:41 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-11-06 21:41 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-11-06 21:41 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-11-06 21:41 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-11-06 21:41 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-11-06 21:41 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-11-06 21:41 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-11-06 21:41 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-11-06 21:41 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-11-06 21:41 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-11-06 21:41 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-11-06 21:41 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-11-06 21:41 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-11-06 21:41 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-11-06 21:41 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-11-06 21:41 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-11-06 21:41 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-11-06 21:41 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-11-06 21:41 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-11-06 21:41 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-11-06 21:41 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-11-06 21:41 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-11-06 21:41 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-11-06 21:41 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-11-06 21:41 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-11-06 21:41 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-11-06 21:41 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-11-06 21:41 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-11-06 21:41 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-11-06 21:41 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-11-06 21:41 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-11-06 21:41 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-11-06 21:41 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-11-06 21:41 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-11-06 21:41 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-11-06 21:41 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-11-06 21:41 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-11-06 21:41 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-11-06 21:41 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-11-06 21:41 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-11-06 21:41 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-11-06 21:41 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-11-06 21:41 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-11-06 21:41 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-11-06 21:41 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-11-06 21:41 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-11-06 21:41 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-11-06 21:41 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-11-06 21:41 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-11-06 21:41 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-11-06 21:41 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-11-06 21:41 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-11-06 21:41 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-11-06 21:41 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-11-06 21:41 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-11-06 21:41 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-11-06 21:41 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-11-06 21:41 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-11-06 21:41 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-11-06 21:41 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-11-06 21:41 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-11-06 21:41 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-11-06 21:41 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-11-06 21:41 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-11-06 21:41 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-11-06 21:41 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-11-06 21:41 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-11-06 21:41 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-11-06 21:41 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-11-06 21:41 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-11-06 21:41 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-11-06 21:40 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-11-06 21:40 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-11-06 21:40 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-11-06 21:40 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-11-06 21:40 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-11-06 21:40 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-11-06 21:40 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-11-06 21:40 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-11-06 21:40 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-11-06 21:40 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-11-06 21:40 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-11-06 21:40 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-11-06 21:40 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-11-06 21:40 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-11-06 21:40 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-11-06 21:40 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-11-06 21:40 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-11-06 21:40 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-11-06 21:40 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-11-06 21:40 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-11-06 21:40 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-11-06 21:40 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-11-06 21:40 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-11-06 21:40 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-11-06 21:40 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-11-06 21:40 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-11-06 21:40 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-11-06 21:40 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-11-06 21:40 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-11-06 21:40 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-11-06 21:40 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-11-06 21:40 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-11-06 21:40 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-11-06 21:40 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-11-06 21:40 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-11-06 21:40 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-11-06 21:40 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-11-06 21:40 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-11-06 21:40 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-11-06 21:40 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-11-06 21:40 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-11-06 21:40 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-11-06 21:40 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-11-06 21:40 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-11-06 21:40 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-11-06 21:40 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-11-06 21:40 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-11-06 21:40 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-11-06 21:40 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-11-06 21:40 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-11-06 21:40 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-11-06 21:40 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-11-06 21:40 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-11-06 21:40 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-11-06 21:40 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-11-06 21:40 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-11-06 21:40 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-11-06 21:40 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-11-06 21:40 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-11-06 21:40 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-11-06 21:40 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-11-06 21:40 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-11-06 21:40 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-11-06 21:40 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-11-06 21:40 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-11-06 21:40 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-11-06 21:40 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-11-06 21:40 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-11-06 21:40 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-11-06 21:40 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-11-06 21:40 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-11-06 21:40 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-11-06 21:40 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-11-06 21:40 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-11-06 21:40 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-11-06 21:40 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-11-06 21:40 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-11-06 21:40 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-11-06 21:23 - 2017-11-06 21:23 - 000001730 _____ C:\Users\Public\Desktop\REX 4 - Texture Direct with Soft Clouds Enhanced Edition.lnk
2017-11-06 21:23 - 2017-11-06 21:23 - 000000803 _____ C:\Users\Public\Desktop\User Manual-Texture Direct-Soft Clouds Enhanced.lnk
2017-11-06 18:19 - 2017-11-06 18:20 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\Steam

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-06 08:17 - 2017-11-03 15:52 - 000004174 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{59051D08-BDB3-4FF8-94C6-225CABFE0188}
2017-12-06 08:17 - 2017-08-04 22:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-06 08:16 - 2017-09-29 18:17 - 000000000 ___RD C:\Users\Erick L Jefe\iCloudDrive
2017-12-06 03:56 - 2017-11-03 15:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-06 03:56 - 2017-11-02 23:05 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\Syncios
2017-12-06 03:55 - 2017-09-29 03:45 - 021233664 _____ C:\WINDOWS\system32\config\HARDWARE
2017-12-06 03:55 - 2017-09-29 03:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-12-06 03:33 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\tracing
2017-12-06 03:21 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-06 03:08 - 2017-11-03 15:49 - 000000000 ____D C:\Users\Erick L Jefe
2017-12-06 03:08 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Maestro MOBILITY PC Camera
2017-12-06 03:06 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Resources
2017-12-06 02:42 - 2017-11-03 15:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-06 02:37 - 2017-08-05 02:09 - 000000000 ____D C:\Users\Erick L Jefe\Documents\Vuze Downloads
2017-12-06 02:31 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-06 01:02 - 2017-10-19 23:23 - 000000000 ____D C:\ProgramData\CLink4
2017-12-06 00:41 - 2017-09-29 08:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-12-06 00:41 - 2017-09-29 03:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-06 00:34 - 2017-08-06 15:08 - 000000000 ____D C:\ProgramData\Norton
2017-12-06 00:32 - 2017-08-06 15:08 - 000001328 _____ C:\Users\Erick L Jefe\Desktop\Norton Installation Files.lnk
2017-12-06 00:07 - 2017-08-06 15:08 - 000000000 ____D C:\Users\Public\Downloads\Norton
2017-12-06 00:04 - 2017-08-06 15:09 - 000000000 ____D C:\ProgramData\NortonInstaller
2017-12-05 23:59 - 2017-08-05 01:34 - 000000946 _____ C:\Users\Public\Desktop\Navigraph FMS Data Manager.lnk
2017-12-05 23:59 - 2017-08-05 01:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigraph FMS Data Manager
2017-12-05 23:34 - 2017-03-18 16:03 - 000013499 _____ C:\WINDOWS\system32\Drivers\etc\hosts.old
2017-12-05 23:29 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-05 22:47 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-05 22:47 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-05 22:46 - 2017-08-05 23:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2017-12-05 20:59 - 2017-10-20 21:29 - 000000000 ____D C:\Users\Erick L Jefe\Documents\Prepar3D v4 Files
2017-12-05 19:57 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-05 19:57 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-05 18:41 - 2017-08-19 16:37 - 000000000 ____D C:\MSI
2017-12-05 15:30 - 2017-08-04 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-04 20:05 - 2017-08-04 22:35 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-03 18:28 - 2017-11-03 15:52 - 000003518 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2017-12-03 18:28 - 2017-08-04 23:12 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\NVIDIA
2017-12-03 18:18 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-03 01:04 - 2017-09-28 16:28 - 000000000 ____D C:\Users\Erick L Jefe\Documents\Prepar3D v4 Add-ons
2017-12-02 01:45 - 2017-11-03 15:53 - 000000000 ___RD C:\Users\Erick L Jefe\3D Objects
2017-12-02 01:45 - 2017-11-03 15:45 - 000410688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-02 01:45 - 2017-08-04 22:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-02 01:44 - 2017-09-29 09:42 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-02 01:44 - 2017-09-29 08:46 - 000000000 ____D C:\PerfLogs
2017-12-02 01:41 - 2017-09-29 08:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-12-02 01:41 - 2017-09-29 08:41 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-12-02 01:41 - 2017-09-29 08:41 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-02 01:41 - 2017-09-29 08:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-02 01:41 - 2017-09-29 08:41 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-12-02 01:41 - 2017-09-29 08:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-02 01:41 - 2017-09-29 08:41 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-12-02 01:41 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-01 21:23 - 2017-09-22 16:21 - 000000915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigraph Simlink.lnk
2017-12-01 21:19 - 2017-09-22 16:21 - 000000982 _____ C:\Users\Public\Desktop\Navigraph Charts Desktop.lnk
2017-12-01 21:19 - 2017-09-22 16:21 - 000000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigraph Charts Desktop.lnk
2017-12-01 21:07 - 2017-08-05 20:28 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\virtuali
2017-11-30 16:21 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-30 16:21 - 2017-08-04 23:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-28 17:37 - 2017-08-19 16:44 - 000001837 _____ C:\Users\Public\Desktop\Dragon Eye.lnk
2017-11-28 17:37 - 2017-08-19 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2017-11-27 20:56 - 2017-10-30 21:15 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-11-27 20:56 - 2017-10-30 21:15 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-11-27 20:56 - 2017-10-30 21:15 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-11-27 20:56 - 2017-10-30 21:15 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-11-27 19:37 - 2017-08-04 23:11 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-11-27 19:06 - 2017-08-04 23:11 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-11-27 19:06 - 2017-08-04 23:11 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-11-27 19:06 - 2017-08-04 23:11 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-11-27 19:06 - 2017-08-04 23:11 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-11-27 19:06 - 2017-08-04 23:11 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-11-27 19:06 - 2017-08-04 23:11 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-11-27 19:06 - 2017-08-04 23:11 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-11-25 18:40 - 2017-08-28 11:16 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\MSI
2017-11-25 18:38 - 2017-08-28 09:54 - 000002032 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2017-11-25 18:38 - 2017-08-19 16:37 - 000000000 ____D C:\Program Files (x86)\MSI
2017-11-24 19:18 - 2017-08-06 00:24 - 000000184 _____ C:\Users\Erick L Jefe\FSDreamTeam_JFK V2.reg
2017-11-24 19:02 - 2017-08-07 10:12 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\ArcSoft
2017-11-24 17:04 - 2017-08-05 21:02 - 000001143 _____ C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LatinVFR_Manual_TJSJ.lnk
2017-11-24 17:04 - 2017-08-05 21:02 - 000000803 _____ C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TJSJ uninstaller.lnk
2017-11-23 17:41 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-23 17:41 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-23 17:41 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-23 17:41 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-23 17:41 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-23 16:16 - 2017-08-05 02:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-23 16:15 - 2017-10-23 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-23 16:15 - 2017-08-05 02:35 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-22 18:11 - 2017-08-04 22:35 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-21 18:25 - 2017-11-03 15:52 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-11-03 15:52 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-21 18:25 - 2017-08-04 23:12 - 000001481 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-11-21 18:25 - 2017-08-04 22:35 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-21 15:54 - 2017-08-05 02:36 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-20 06:04 - 2017-08-04 23:11 - 007874971 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-11-17 22:57 - 2017-10-30 15:48 - 000000000 ____D C:\Users\Erick L Jefe\Downloads\pta_2.60
2017-11-16 09:00 - 2017-10-30 15:43 - 000002272 ____H C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:00 - 2017-08-05 00:11 - 000000000 ____D C:\Users\Public\CyberLink
2017-11-15 20:41 - 2017-08-04 23:12 - 002404800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-11-15 20:41 - 2017-08-04 23:12 - 002070976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-11-15 20:41 - 2017-08-04 23:12 - 001309120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-11-15 20:41 - 2017-08-04 23:10 - 000186304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-11-15 20:41 - 2017-08-04 23:10 - 000152512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-11-15 19:53 - 2017-08-04 23:12 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-11-15 19:05 - 2017-10-22 17:55 - 000001706 _____ C:\WINDOWS\SysWOW64\1711
2017-11-15 18:40 - 2017-08-04 22:37 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-15 18:32 - 2017-10-27 11:47 - 000000760 _____ C:\Users\Erick L Jefe\Desktop\Active Sky Cloud Art.lnk
2017-11-15 17:44 - 2017-10-22 16:50 - 000000837 _____ C:\Users\Public\Desktop\FSDT Installation Guide.lnk
2017-11-15 17:44 - 2017-10-22 16:50 - 000000821 _____ C:\Users\Public\Desktop\FSDT Live Update.lnk
2017-11-15 17:44 - 2017-08-05 20:26 - 000000000 ____D C:\ProgramData\Virtuali
2017-11-15 16:02 - 2017-11-03 19:44 - 000000000 ____D C:\Windows.old
2017-11-13 20:48 - 2017-11-03 15:52 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-13 20:48 - 2017-11-03 15:52 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-13 16:28 - 2017-09-03 18:20 - 000001151 _____ C:\Users\Erick L Jefe\Desktop\MSI Afterburner.lnk
2017-11-13 15:23 - 2017-08-05 02:09 - 000000774 _____ C:\Users\Public\Desktop\Vuze.lnk
2017-11-13 15:23 - 2017-08-05 02:09 - 000000774 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2017-11-12 00:14 - 2017-08-05 20:26 - 000000000 ____D C:\ProgramData\Esellerate
2017-11-11 00:45 - 2017-08-06 08:31 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Roaming\vlc
2017-11-10 20:38 - 2017-08-05 22:56 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\ElevatedDiagnostics
2017-11-10 20:08 - 2017-08-05 00:52 - 000000000 ____D C:\Users\Public\Documents\PFPX Data
2017-11-08 16:17 - 2017-11-03 15:49 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\Packages
2017-11-07 15:44 - 2017-11-03 09:07 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-06 21:19 - 2017-08-05 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REX 4
2017-11-06 16:38 - 2017-11-03 15:52 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3728291697-3449938618-998988-1001
2017-11-06 16:38 - 2017-08-04 22:35 - 000002380 _____ C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2017-08-05 22:42 - 2017-08-12 00:14 - 000000179 _____ () C:\Users\Erick L Jefe\FSDreamTeam_GSX.reg
2017-08-05 22:47 - 2017-08-05 22:47 - 000000185 _____ () C:\Users\Erick L Jefe\FSDreamTeam_Honolulu.reg
2017-08-06 00:24 - 2017-11-24 19:18 - 000000184 _____ () C:\Users\Erick L Jefe\FSDreamTeam_JFK V2.reg
2017-08-05 22:27 - 2017-08-05 22:27 - 000000181 _____ () C:\Users\Erick L Jefe\FSDreamTeam_KFLL.reg
2017-08-19 17:53 - 2017-08-19 17:55 - 001065984 _____ () C:\Users\Erick L Jefe\AppData\Local\file__0.localstorage
2017-12-05 22:47 - 2017-12-05 22:47 - 000140800 _____ () C:\Users\Erick L Jefe\AppData\Local\installer.dat
2017-09-09 21:16 - 2017-10-24 19:15 - 000007604 _____ () C:\Users\Erick L Jefe\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-12-06 01:47 - 2017-12-06 01:47 - 000514264 _____ (OldProp Solutions Inc.) C:\Users\Erick L Jefe\AppData\Local\Temp\ChasePlane_Bridge.exe
2017-12-06 02:41 - 2017-12-06 02:41 - 000079904 _____ () C:\Users\Erick L Jefe\AppData\Local\Temp\i4jdel0.exe
2017-12-06 01:47 - 2017-12-06 01:47 - 003383808 _____ () C:\Users\Erick L Jefe\AppData\Local\Temp\SlimDX.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\drivers\exbnruxb.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION

LastRegBack: 2017-12-05 15:46

==================== End of FRST.txt ============================

 

notify.zip

Addition.txt

[kevinf80]

Do you have a USB flash drive (memory stick) 4 GB or above. Do you also have access to another PC....

[Ebaez12]

Yes and yes

[kevinf80]

From your spare PC download and save FRST64.exe to your flashdrive: https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

Open FRST, go not further, just leave it open. Open these keys together Ctrl - Y A blank notepad page will open, copy/past the following onto the blank page:

Quote

start::
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\yaiadiua
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\UDiskMgr
C:\WINDOWS\system32\drivers\exbnruxb.sys
C:\WINDOWS\system32\Drivers\exb*.sys
C:\Windows\System32\vsduzlasvc.exe
C:\Windows\System32\vsd*.exe
C:\Users\Erick L Jefe\AppData\Local\avbdkte\avbdkte.exe
C:\Users\Erick L Jefe\AppData\Local\avbdkte\pcrsmua.exe
C:\Users\Erick L Jefe\AppData\Local\avbdkte
GroupPolicy: Restriction <==== ATTENTION
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3301020&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP57AFB4C0-255B-4923-BF80-8524349D436B"
S2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S4 adlckhg; C:\WINDOWS\System32\drivers\iwyewykp.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\iwyewykp.sys
S4 angmjuop; C:\WINDOWS\System32\drivers\wciknp.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\wciknp.sys
S4 civad; C:\WINDOWS\System32\drivers\tsdbxb.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\tsdbxb.sys
S4 duhmq; C:\WINDOWS\System32\drivers\mrifji.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\mrifji.sys
S4 ghxptqy; C:\WINDOWS\System32\drivers\twbx.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\twbx.sys
S4 hhhqkx; C:\WINDOWS\System32\drivers\cxfd.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\cxfd.sys
S4 ubgaqv; C:\WINDOWS\System32\drivers\bhffm.sys [79064 2017-12-06] (Malwarebytes)
C:\WINDOWS\System32\drivers\bhffm.sys
S1 avpjliyf; \??\C:\WINDOWS\system32\drivers\avpjliyf.sys [X]
C:\WINDOWS\system32\drivers\avpjliyf.sys
S4 SMR501; \SystemRoot\System32\drivers\SMR501.SYS [X]
C:\WINDOWS\System32\drivers\SMR501.SYS
R3 udiskMgr; system32\drivers\ruybeh.sys [X]
C:\WINDOWS\system32\drivers\ruybeh.sys
S1 yaiadiua; \??\C:\WINDOWS\system32\drivers\yaiadiua.sys [X]
C:\WINDOWS\system32\drivers\yaiadiua.sys
2017-12-06 03:55 - 2017-12-06 03:55 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\bhffm.sys
2017-12-06 03:55 - 2017-12-06 03:55 - 000000288 _____ C:\WINDOWS\Tasks\cpmeay
2017-12-06 03:46 - 2017-12-06 03:46 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\twbx.sys
2017-12-06 03:21 - 2017-12-06 03:21 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\cxfd.sys
2017-12-06 03:15 - 2017-12-06 03:15 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\iwyewykp.sys
2017-12-06 03:06 - 2017-12-06 03:06 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mrifji.sys
2017-12-06 03:01 - 2017-12-06 03:01 - 000079064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\tsdbxb.sys
2017-12-05 23:27 - 2017-12-06 03:53 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\excalwb
2017-12-05 22:48 - 2017-12-06 08:16 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\avbdkte
2017-12-05 22:48 - 2017-12-05 23:27 - 000000000 ____D C:\Users\Erick L Jefe\AppData\Local\igfxmtc
2017-12-05 22:47 - 2017-12-05 22:47 - 000140800 _____ C:\Users\Erick L Jefe\AppData\Local\installer.dat
2017-12-05 22:46 - 2017-12-05 22:46 - 000000000 ____D C:\WINDOWS\SysWOW64\csdkhlw
2017-12-05 22:46 - 2017-12-05 22:46 - 000000000 ____D C:\WINDOWS\system32\csdkhlw
2017-12-06 02:41 - 2017-12-06 02:41 - 000079904 _____ () C:\Users\Erick L Jefe\AppData\Local\Temp\i4jdel0.exe
2017-12-06 01:47 - 2017-12-06 01:47 - 003383808 _____ () C:\Users\Erick L Jefe\AppData\Local\Temp\SlimDX.dll
Task: {6B181FC2-BAA8-4407-9F25-FD8B5EFB0037} - System32\Tasks\Maestro MOBILITY PC Camera => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Maestro MOBILITY PC Camera\Maestro MOBILITY PC Camera.dll",bjMqlRhUqH <==== ATTENTION
Shortcut: C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ?x?lorer.lnk -> C:\Users\Erick L Jefe\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Erick L Jefe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gle Chr?me.lnk -> C:\Users\Erick L Jefe\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G??gl? Chr?me.lnk -> C:\Users\Erick L Jefe\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\G??gl? Chr?me.lnk -> C:\Users\Erick L Jefe\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\??r?s?ft L?uncher.lnk -> C:\Users\Erick L Jefe\AppData\Roaming\Browsers\exe.rehcnualtfosorea.bat (No File) <==== Cyrillic
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\StartupApproved\Run: => "6OF5FTH8RGXJBYJ"
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\StartupApproved\Run: => "8KKM8W4BXAZ6L65"
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\StartupApproved\Run: => "72BG8KY2Z7K0YT3"
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\StartupApproved\Run: => "CP4FAFOFLLPEEX2"
HKU\S-1-5-21-3728291697-3449938618-998988-1001\...\StartupApproved\Run: => "KY16P3BLNNUVFX1"
FirewallRules: [{1D3A8365-B4AA-4B98-ADBA-B12794E96351}] => (Allow) LPort=445
FirewallRules: [{0358029B-9F5A-4D8E-BA02-E1A135E74B24}] => (Allow) LPort=19284
FirewallRules: [{49D7B3E1-1650-4143-803D-E3B6F83CCF35}] => (Allow) LPort=19285
FirewallRules: [{927CE115-F775-4A9C-B5E3-E12EED2AD124}] => (Allow) LPort=8888
FirewallRules: [{A830914A-F5A3-47B4-9399-7860DC7BEAC8}] => (Allow) LPort=8888
FirewallRules: [{F8FB5917-7B3C-44D9-BBC4-E190156FEBAB}] => (Allow) LPort=26789
FirewallRules: [{55C6A1B5-6A37-4B29-A4ED-412D8DB69A4A}] => (Allow) LPort=26820
FirewallRules: [{8E380716-316E-4783-B414-36B7C72D24F7}] => (Allow) LPort=26822
end::

Do not name or change that page, now select these two keys together Ctrl - S close notepad, you should now have a random name file saved to the flash drive with FRST64.

Back to the sick PC download and save the attached zip file, boot_into_RE.zip to your Desktop, unzip that file so you now have boot_into_RE.bat

Right click on that batch file and select "Run as Administrator" Plug in the flash drive to sick PC only when Recovery Environment is opened successfully Your PC will boot to the "Choose an Option" window, from that window select "Troubleshoot" From the next window select "Advanced Options" From the next window select "Command Prompt" Ensure to plug the Flashdrive into an open USB port, Continue with the following: In the command window type in notepad and press Enter. The notepad opens. Under File menu select Open. Select "Computer" or "My PC" and find your flash drive letter and close the notepad. In the command window type E:\frst64 or E:\frst depending on your version. Press Enter Note: Replace letter E with the drive letter of your flash drive. <<<----vey important The tool will start to run. When the tool opens click Yes to disclaimer. Press Fix button. It will make a log (Fixlog.txt) on the flash drive. You will need to boot back to Normal windows to post the log, or if applicable do that action from a spare PC... To boot back to windows, type exit at the prompt and hit enter Please copy and paste or attach FRST log to your reply.

boot_into_RE.zip

[Ebaez12]

Followed the steps, but when pc reboots it doesn't boot into recovery mode.

[kevinf80]

Is that from the batch file, what happens,,?

[Ebaez12]

Nothing it reboots back into normal mode. Doesn’t reboot into recovery mode

[kevinf80]

Probably Recovery Environment is disabled by the infection... Try again with attached zip file.

boot_into_RE_2.zip

[Ebaez12]

ok standby, I was able to boot into safe mode by changing the settings in msconfig. let me go back to regular boot up mode and try this batch file

 

[kevinf80]

Ok....

[Ebaez12]

tried that and nothing

[kevinf80]

ok, select these keys together Windows key and X from the list that opens select Command prompt (Admin)

At the prompt copy/paste this command bcdedit.exe /set {default} recoveryenabled yes hit the enter key. Do you get successful return, if so try the first batch file again, then second if first one fails... any progress..?

[Ebaez12]

ok standby

[kevinf80]

Okey dokey....

[Ebaez12]

I got a successful return when i entered that in the command prompt. Tried it with the first batch file and nothing. Trying with the second one now and nothing.

 

[kevinf80]

Which version of Windows is on your spare PC...

[Ebaez12]

windows 10 home

[kevinf80]

Ok, back to your spare PC, plug in the Flash drive and open up.. Drag FRST64 and Random named file onto the Desktop. Leave the flash drive plugged in, this next process will format the flash drive....

Select the search function bottom left corner of desktop, type or copy/paste create recovery drive hit enter key, accept UAC

A new window will open, make sure to UNCHECK this box "Back up system files to recovery drive" when that is UNCHECKED select "Next" from there just follow the prompts. When complete the Recovery Environment Tools will be copied to your flash drive, open that drive and drag and drop FRST64 and random named file. If the back up system files is left checked those files would have been copied over if the flash drive was big enough. Problem then is that drive is PC specific to where created. When only the RE utilities are copied over that flash drive can boot any Windows 10 system....

Back to the sick PC, the boot order will have to be changed so that USB devices are first in the boot order, if this is a newish PC that may already be so. My laptop is about a year old, boot order is CD\DVD > USB > HDD. Obviously a bootable device must be present or the boot check moves to next in order... Is that something you can do. Maybe just try with the flash drive plugged in and boot up sick PC, if it boots from the RD we are ok, if not the boot order would need altering....

[Ebaez12]

Funny thing I was just created a windows media creation dvd on the sick pc so I coukl boot into recovery mode and then plug in usb and be able to continue the process. But since the usb can hold both ill do it this way. BRB

[kevinf80]

Yes anyway is good, if you have a DVD or you prefer USB flash drive. When you boot from the Flash drive you are presented with Keyboard variations, select yours (mine is UK)

From there your PC will boot to the "Choose an Option" window, from that window select "Troubleshoot" From the next window select "Advanced Options" From the next window select "Command Prompt"   In the command window type in notepad and press Enter. The notepad opens. Under File menu select Open. Select "Computer" or "My PC" and find your flash drive letter and close the notepad. In the command window type E:\frst64 or E:\frst depending on your version. Press Enter Note: Replace letter E with the drive letter of your flash drive. <<<----vey important The tool will start to run. When the tool opens click Yes to disclaimer. Press Fix button. It will make a log (Fixlog.txt) on the flash drive. You will need to boot back to Normal windows to post the log, or if applicable do that action from a spare PC... To boot back to windows, type exit at the prompt and hit enter Please copy and paste or attach FRST log to your reply. When that is complete and you are back at Normal mode run a threat scan with Malwarebytes, post that log.. Thanks, Kevin

Edited December 6, 2017 by kevinf80
typing error

[Ebaez12]

Got this message when I did what u told me. I’m currently now trying with the windows install dvd I created. 

[kevinf80]

Secure boot can be turned off within the BIOS, I see your PC is a Dell, I believe selecting F2 or F12 gives access to BIOS... See what happens with your DVD..

Edited December 6, 2017 by kevinf80

[Ebaez12]

It’s not a dell. Only the monitor is. Lol. It’s a custom built pc. Brb