Jump to content

SVC Host Detected Pop Up


Recommended Posts

I have a brand new windows 10 HP computer fresh install , out of the box. At the time I picked this up, I also purchased a  1 year malware bytes product.

 

I installed it and firefox onto my computer (the only things I have installed) and I keep getting popups of the svchost outbound warning.

Here is what it says in report:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 1/28/18
Protection Event Time: 5:15 AM
Log File: 89585c3a-041c-11e8-8f5f-18602474c7d4.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3806
License: Premium

-System Information-
OS: Windows 10 (Build 15063.608)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Unspecified
Domain:
IP Address: 46.17.101.199
Port: [57803]
Type: Outbound
File: C:\Windows\System32\svchost.exe

 

(end)

 

And another time earlier today, just in case there are any differences:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 1/28/18
Protection Event Time: 4:42 AM
Log File: fc5c87ba-0417-11e8-946a-18602474c7d4.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3806
License: Premium

-System Information-
OS: Windows 10 (Build 15063.608)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Unspecified
Domain:
IP Address: 46.17.101.199
Port: [50434]
Type: Outbound
File: C:\Windows\System32\svchost.exe

 

(end)

 

I ran a full system scan with malware bytes, here is what it said:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/28/18
Scan Time: 4:05 AM
Log File: ccb6780e-0412-11e8-975f-18602474c7d4.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3806
License: Premium

-System Information-
OS: Windows 10 (Build 15063.608)
CPU: x64
File System: NTFS
User: DESKTOP-21B8KBG\Kaci

-Scan Summary-
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 272791
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 21 min, 2 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

 

I have not hooked up anything from my previous computer nor have I installed anything else apart from firefox (no addons) and malwarebytes premium. This computer is a full factory installation, brand new. So, I can't see why I would have any malware on it at all. The last computer I had, I did something that kept it from popping up (I thought it was a false positive) and it worked but I can't remember what it was that I did.

 

Thank you for any help.

Edited by kelizabeth
meant windows 10, still working on getting used to this keyboard
Link to post
Share on other sites

Hello kelizabeth and welcome to Malwarebytes,

The IP address 46.17.101.199 is listed to the Russian Federation, https://whois.domaintools.com/46.17.101.199

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.

Thank you,

Kevin

Link to post
Share on other sites

Hi Kevin! I have attached the addition.txt and here is the FRST txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Kaci (administrator) on DESKTOP-21B8KBG (28-01-2018 07:40:00)
Running from C:\Users\Kaci\Desktop
Loaded Profiles: Kaci &  (Available Profiles: Kaci)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122870 .inf_amd64_a18460114154fd38\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122870 .inf_amd64_a18460114154fd38\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122870 .inf_amd64_a18460114154fd38\IntelCpHDCPSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\vscore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122870 .inf_amd64_a18460114154fd38\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\2.3.322.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.72.117.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Security) C:\Program Files\Common Files\mcafee\clientanalytics\legacy\McClientAnalytics.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [704832 2017-04-27] (HP Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 46.17.101.199 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1caa8844-0cbd-45ba-8002-d2dbeb48d27a}: [DhcpNameServer] 46.17.101.199 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3432493963-2501948043-491498502-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3432493963-2501948043-491498502-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3432493963-2501948043-491498502-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018071212726\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3432493963-2501948043-491498502-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01282018071212726\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-02-01] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-02-01] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: uqbyn1gm.default
FF ProfilePath: C:\Users\Kaci\AppData\Roaming\Mozilla\Firefox\Profiles\uqbyn1gm.default [2018-01-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2018-01-27] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-01] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-01] ()

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1747800 2017-02-16] (Intel Security)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2016-11-15] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\\McCSPServiceHost.exe [2054080 2017-02-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2017-04-27] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [174600 2017-04-13] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-27] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-28] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-28] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-28] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7647232 2017-10-17] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419296 2017-02-22] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-28 08:49 - 2018-01-28 06:56 - 000000000 ____D C:\Windows.old
2018-01-28 08:48 - 2018-01-28 08:49 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-01-28 08:47 - 2018-01-28 08:48 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-01-28 08:47 - 2018-01-28 08:47 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-01-28 08:46 - 2018-01-28 08:46 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-28 08:46 - 2018-01-28 08:46 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-28 08:46 - 2018-01-28 08:46 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-01-28 08:46 - 2018-01-28 08:46 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-01-28 08:46 - 2018-01-28 08:46 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2018-01-28 08:46 - 2018-01-28 08:46 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2018-01-28 08:46 - 2018-01-28 08:46 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-01-28 08:46 - 2018-01-28 08:46 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-01-28 08:46 - 2018-01-28 08:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-01-28 08:44 - 2018-01-28 08:44 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-01-28 08:44 - 2018-01-28 08:44 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-01-28 08:44 - 2018-01-28 08:44 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-01-28 08:44 - 2018-01-28 08:44 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-01-28 08:44 - 2018-01-28 08:44 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-01-28 08:44 - 2018-01-28 08:44 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-01-28 08:44 - 2018-01-28 08:44 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-28 08:44 - 2018-01-28 08:44 - 000000000 ____D C:\Program Files\MSBuild
2018-01-28 08:44 - 2018-01-28 08:44 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-01-28 08:44 - 2018-01-28 08:44 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-01-28 08:44 - 2018-01-28 08:44 - 000000000 ____D C:\inetpub
2018-01-28 07:40 - 2018-01-28 07:40 - 000014159 _____ C:\Users\Kaci\Desktop\FRST.txt
2018-01-28 07:39 - 2018-01-28 07:40 - 000000000 ____D C:\FRST
2018-01-28 07:38 - 2018-01-28 07:38 - 002393088 _____ (Farbar) C:\Users\Kaci\Desktop\FRST64.exe
2018-01-28 06:58 - 2018-01-28 06:58 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-01-28 06:57 - 2018-01-28 06:57 - 000000000 ___RD C:\Users\Kaci\3D Objects
2018-01-28 06:57 - 2018-01-28 06:57 - 000000000 ___HD C:\Users\Kaci\MicrosoftEdgeBackups
2018-01-28 06:57 - 2018-01-28 06:57 - 000000000 ____D C:\ProgramData\USOShared
2018-01-28 06:56 - 2018-01-28 06:56 - 000000020 ___SH C:\Users\Kaci\ntuser.ini
2018-01-28 06:55 - 2018-01-28 06:55 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-01-28 06:55 - 2018-01-28 06:55 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-01-28 06:55 - 2018-01-28 06:55 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-01-28 06:55 - 2018-01-28 06:55 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3432493963-2501948043-491498502-1001
2018-01-28 06:55 - 2018-01-28 06:55 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPJumpStartLaunch
2018-01-28 06:55 - 2018-01-28 06:55 - 000002768 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2018-01-28 06:55 - 2018-01-28 06:55 - 000002500 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2018-01-28 06:55 - 2018-01-28 06:55 - 000002470 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2018-01-28 06:55 - 2018-01-28 06:55 - 000002440 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
2018-01-28 06:55 - 2018-01-28 06:55 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2018-01-28 06:55 - 2018-01-28 06:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-28 06:55 - 2018-01-28 06:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-01-28 06:55 - 2018-01-28 06:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2018-01-28 06:54 - 2018-01-28 06:54 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-01-28 06:52 - 2018-01-28 06:52 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-01-28 06:52 - 2017-09-29 07:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-01-28 06:51 - 2018-01-28 07:21 - 000000000 ____D C:\Users\Kaci\AppData\Local\Packages
2018-01-28 06:51 - 2018-01-28 06:58 - 000980702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-28 06:51 - 2018-01-28 06:57 - 000000000 ____D C:\Users\Kaci
2018-01-28 06:51 - 2018-01-28 06:51 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Control.lnk
2018-01-28 06:51 - 2017-06-23 04:34 - 000140240 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-01-28 06:51 - 2017-06-23 04:34 - 000116672 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-01-28 06:50 - 2018-01-28 06:53 - 000395504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-28 06:50 - 2018-01-28 06:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-28 06:38 - 2018-01-28 06:39 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-01-28 06:25 - 2018-01-28 06:25 - 000000000 ____D C:\Program Files\rempl
2018-01-28 06:22 - 2018-01-28 06:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-28 06:21 - 2018-01-28 06:21 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-28 06:21 - 2018-01-28 06:21 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-28 05:02 - 2018-01-28 06:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2018-01-28 04:35 - 2017-07-17 19:19 - 000680296 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2152733.exe
2018-01-28 04:34 - 2018-01-28 04:34 - 000000000 ____D C:\Users\Kaci\AppData\Roaming\Hewlett-Packard
2018-01-28 04:31 - 2018-01-28 06:56 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-27 23:30 - 2018-01-27 23:30 - 000000000 _SHDL C:\Documents and Settings
2018-01-27 18:00 - 2018-01-28 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-27 18:00 - 2018-01-28 07:01 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-27 18:00 - 2018-01-28 06:53 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-27 18:00 - 2018-01-28 06:53 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-27 18:00 - 2018-01-28 06:53 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-27 18:00 - 2018-01-27 18:00 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-01-27 18:00 - 2018-01-27 18:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-27 18:00 - 2018-01-27 18:00 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-27 18:00 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-27 17:04 - 2018-01-28 07:16 - 000000000 ____D C:\Users\Kaci\AppData\LocalLow\Mozilla
2018-01-27 17:04 - 2018-01-27 17:51 - 000000000 ____D C:\Users\Kaci\AppData\Local\Mozilla
2018-01-27 17:04 - 2018-01-27 17:05 - 000000000 ____D C:\Users\Kaci\AppData\Roaming\Mozilla
2018-01-27 17:04 - 2018-01-27 17:04 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-01-27 17:04 - 2018-01-27 17:04 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-01-27 17:04 - 2018-01-27 17:04 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-01-27 17:04 - 2018-01-27 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-27 16:58 - 2018-01-27 16:58 - 000000000 ____D C:\Users\Kaci\AppData\Local\Comms
2018-01-27 16:55 - 2018-01-27 16:59 - 000000000 ____D C:\Users\Kaci\AppData\Local\MicrosoftEdge
2018-01-27 16:55 - 2018-01-27 16:55 - 000000000 ____D C:\Users\Kaci\AppData\Local\DBG
2018-01-27 16:45 - 2018-01-27 16:45 - 000000000 ____D C:\Users\Kaci\AppData\Roaming\Macromedia
2018-01-27 16:43 - 2018-01-27 16:44 - 000002367 _____ C:\Users\Kaci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-27 16:43 - 2018-01-27 16:44 - 000000000 ___RD C:\Users\Kaci\OneDrive
2018-01-27 16:42 - 2018-01-27 16:43 - 000000000 ____D C:\Users\Kaci\AppData\Roaming\HP
2018-01-27 16:41 - 2018-01-28 06:56 - 000000000 __SHD C:\Users\Kaci\IntelGraphicsProfiles
2018-01-27 16:41 - 2018-01-28 04:35 - 000000000 ____D C:\Users\Kaci\AppData\Roaming\WildTangent
2018-01-27 16:41 - 2018-01-27 17:46 - 000000000 ____D C:\Users\Kaci\AppData\Local\Publishers
2018-01-27 16:41 - 2018-01-27 16:41 - 000000000 ____D C:\Users\Kaci\AppData\Roaming\Adobe
2018-01-27 16:41 - 2018-01-27 16:41 - 000000000 ____D C:\Users\Kaci\AppData\Local\VirtualStore
2018-01-27 16:41 - 2018-01-27 16:41 - 000000000 ____D C:\Users\Kaci\AppData\Local\HP JumpStart Apps
2018-01-27 16:41 - 2018-01-27 16:41 - 000000000 ____D C:\Users\Kaci\AppData\Local\Crashpad
2018-01-27 16:41 - 2018-01-27 16:41 - 000000000 ____D C:\Users\Kaci\AppData\Local\ConnectedDevicesPlatform
2018-01-27 16:39 - 2018-01-28 06:57 - 000000000 ____D C:\Users\Kaci\AppData\Local\TileDataLayer
2018-01-27 16:39 - 2017-09-26 04:35 - 000000000 ___HD C:\Users\Kaci\Documents\hp.system.package.metadata
2018-01-27 16:39 - 2017-09-26 04:35 - 000000000 ___HD C:\Users\Kaci\Documents\hp.applications.package.appdata

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-28 08:50 - 2017-09-29 07:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-01-28 08:49 - 2017-09-29 07:49 - 000000000 ____D C:\WINDOWS\Setup
2018-01-28 08:49 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-01-28 08:49 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-01-28 08:49 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-01-28 08:49 - 2017-09-29 02:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-01-28 08:49 - 2017-09-26 05:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WildTangent
2018-01-28 08:49 - 2017-09-26 05:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-01-28 08:49 - 2017-09-26 05:41 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-28 08:49 - 2017-09-26 05:38 - 000000000 ____D C:\Program Files\Intel
2018-01-28 08:49 - 2017-09-26 04:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-01-28 08:49 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-01-28 08:48 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-01-28 08:48 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-01-28 08:48 - 2017-09-26 05:38 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-01-28 08:48 - 2017-09-26 05:38 - 000000000 ____D C:\Program Files\Realtek
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\si-LK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\am-ET
2018-01-28 08:47 - 2017-09-29 08:42 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Provisioning
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-01-28 08:47 - 2017-09-29 07:46 - 000000000 ____D C:\PerfLogs
2018-01-28 08:47 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-01-28 08:44 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-01-28 08:44 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-01-28 07:26 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-28 07:21 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-28 07:13 - 2017-09-29 07:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-01-28 07:00 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-01-28 07:00 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-28 06:57 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-01-28 06:57 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
2018-01-28 06:57 - 2017-03-17 21:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-28 06:56 - 2017-09-29 09:04 - 000000000 ___HD C:\$WINDOWS.~BT
2018-01-28 06:55 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\Registration
2018-01-28 06:54 - 2017-09-29 07:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-28 06:53 - 2017-09-29 02:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-01-28 06:52 - 2017-09-29 07:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-01-28 06:51 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-01-28 06:51 - 2017-09-26 05:40 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-01-28 06:51 - 2017-09-26 05:39 - 000000000 ____D C:\Intel
2018-01-28 06:51 - 2017-09-26 05:39 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2018-01-28 06:51 - 2017-09-26 05:38 - 000063002 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-01-28 06:51 - 2017-09-26 05:38 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-01-28 06:51 - 2017-03-31 23:38 - 000936124 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-01-27 17:48 - 2017-09-26 04:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-27 17:28 - 2017-09-26 05:44 - 000000000 ____D C:\ProgramData\WildTangent
2018-01-27 17:16 - 2017-09-26 05:44 - 000000000 ____D C:\ProgramData\mcafee
2018-01-27 16:45 - 2017-09-26 05:44 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-01-27 16:45 - 2017-09-26 04:36 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2018-01-27 16:41 - 2017-06-08 09:11 - 000000000 ___HD C:\SYSTEM.SAV

==================== Files in the root of some directories =======

2018-01-28 04:35 - 2017-07-17 19:19 - 000680296 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2152733.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-28 06:50

==================== End of FRST.txt ============================

Addition.txt

Link to post
Share on other sites

Hello kelizabeth...

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Reset your router, instructons available at the following link:

http://setuprouter.com/networking/how-to-reset-your-router/

Follow those instructions very carefully.

Next,

Download and unzip DNSJumper to your Desktop, the tool is portable no installation necessary.

Tool can be downloaded here: http://www.sordum.org/downloads/?dns-jumper
 
  • Right click on Dnsjumper.exe and select "Run as Administrator" to start the tool, For XP just double click to run.
  • From the left hand pane select "Flush DNS"
  • From the main interface select the dropdown under "Choose a DNS Server"
  • From the list select either "Google Public DNS" or "Open DNS"
  • From the left hand pane select "Apply DNS"



When done re-boot your system.... Post the log from FRST fix, also let me know if the issue has ceased...

Thank you,

Kevin

fixlist.txt

Edited by kevinf80
typing error
Link to post
Share on other sites

Okay, I have followed the instructions. Here is the fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Kaci (28-01-2018 07:55:07) Run:1
Running from C:\Users\Kaci\Desktop
Loaded Profiles: Kaci (Available Profiles: Kaci)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Tcpip\Parameters: [DhcpNameServer] 46.17.101.199 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{1caa8844-0cbd-45ba-8002-d2dbeb48d27a}: [DhcpNameServer] 46.17.101.199 8.8.8.8 8.8.4.4
2018-01-28 04:35 - 2017-07-17 19:19 - 000680296 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2152733.exe
End
*****************

"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1caa8844-0cbd-45ba-8002-d2dbeb48d27a}\\DhcpNameServer" => removed successfully
C:\ProgramData\uninstall2152733.exe => moved successfully

==== End of Fixlog 07:55:08 ====

I chose the google one, is that okay?

And so far, since the reboot, I haven't had it pop up. I've looked around on the internet and checked for malwarebytes updates to make sure and so far, it is no longer occurring.

I'm in no way smart at this kind of stuff, does the log say what was causing it to do that?

Also; when I scan my computer malwarebytes takes up 80% of my CPU, is that normal? It drops back down once the scan is paused or complete.

Thank you!

Link to post
Share on other sites

Hello kelizabeth,

Yes google settings are fine, regarding cause of problem, i`d say exploited Router.

Unless you have any remaining issues or concerns run the following to clean up..

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we may have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image
Link to post
Share on other sites

  • 2 weeks later...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.