Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Having some major connection issues and my system is slooooooow. Please help!

  1. #1
    Member
    Join Date
    Oct 2005
    Posts
    71

    Default Having some major connection issues and my system is slooooooow. Please help!

    I have begin to notice that my system is not running properly. I initially thought it was a WiFi connection issue, but it appears to be my system, as I'm getting a message on my computer telling me that I'm affected by malware and to contact a number to have the technician assist me in removing the malware. I haven't contacted them to do so. I ran the Farbar Recovery Scan tool, and have copied the logs below. However, when I try to run the aswMBR program, my system consistently restarts and will not run the program. Therefore, I haven't submitted the log. Please assist me in getting my computer back in good shape. Thanks in advance!

    The logs are as follows:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
    Ran by Rabigalo (administrator) on BIGGIE (31-08-2017 19:14:36)
    Running from C:\Users\Rabigalo\Desktop
    Loaded Profiles: Rabigalo (Available Profiles: Rabigalo)
    Platform: Windows 10 Pro Version 1703 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
    (Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
    (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
    (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_7\mcapexe.exe
    (McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\McCSPServiceHost.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxEM.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
    (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
    (FrescoLogic) C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Dell) C:\Users\Rabigalo\AppData\Local\Apps\2.0\674XYRYO.PE5\KDR27GDB.EJC\dell..tion_831211ca63b981c5_0008.0005_9a48d74816d64e41\DellSystemDetect.exe
    (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunes.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    (Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
    (Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
    (Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
    (Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
    (Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\acrotray.exe
    (McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe

    ==================== Registry (Whitelisted) ====================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8848640 2016-02-05] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-02-05] (Realtek Semiconductor)
    HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [7823824 2015-09-21] (Dell Inc.)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-11-17] (Intel Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [718256 2015-12-22] (Waves Audio Ltd.)
    HKLM\...\Run: [flvga_tray] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe [439424 2016-12-23] (FrescoLogic)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
    HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-08-22] (Dropbox, Inc.)
    HKLM-x32\...\Run: [PowerDVD16Agent] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe [516296 2016-03-27] (CyberLink Corp.)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Acrotray.exe [1868272 2017-07-31] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [flvga_tray32] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x86\flvga_tray.exe [419968 2016-12-23] (FrescoLogic)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
    HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\...\Run: [DellSystemDetect] => C:\Users\Rabigalo\AppData\Local\Apps\2.0\674XYRYO.PE5\KDR27GDB.EJC\dell..tion_831211ca63b981c5_0008.0005_9a48d74816d64e41\DellSystemDetect.exe [313264 2017-07-01] (Dell)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
    Tcpip\..\Interfaces\{86fe8734-7225-4a88-bd23-9f1328f17cce}: [DhcpNameServer] 209.18.47.62 209.18.47.61
    Tcpip\..\Interfaces\{94a402d9-3519-4427-8d51-bc6a6ff9b72e}: [DhcpNameServer] 209.18.47.61 209.18.47.62

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
    SearchScopes: HKLM -> DefaultScope {294B6A7F-85F4-4D70-83D2-22158F594F6E} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {294B6A7F-85F4-4D70-83D2-22158F594F6E} URL =
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
    BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-08-23] (Microsoft Corporation)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-08-23] (Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-23] (Microsoft Corporation)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\x64\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\2015\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-08-23] (Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-08-03] (McAfee, Inc.)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-08-03] (McAfee, Inc.)

    Edge:
    ======
    Edge HomeButtonPage: HKU\S-1-5-21-3267101396-1119176653-3220088351-1001 -> hxxp://my.earthlink.net/

    FireFox:
    ========
    FF ProfilePath: C:\Users\Rabigalo\AppData\Roaming\Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 [2017-08-31]
    FF NewTab: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> about:newtab
    FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> Yahoo! Powered
    FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> Yahoo! Powered
    FF Homepage: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> hxxp://search.heasyspeedtest.co?uid=b59fbfa1-1e06-4137-991e-ff6542bc9874&uc=20170831&ap=appfocus1&source=display-googledisplay-bb8&page=homepage&implementation_id=speedtest_4.0.17
    FF Keyword.URL: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> user_pref("keyword.URL", true);
    FF Extension: (Speedtest) - C:\Users\Rabigalo\AppData\Roaming\Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373\Extensions\@Speedtest.xpi [2017-08-31]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn
    FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Browser\WCFirefoxExtn [2017-04-12]
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-08-20] [not signed]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
    FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-08-03] ()
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-23] (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-08-03] ()
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-23] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-08-23] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat\Air\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-3267101396-1119176653-3220088351-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Rabigalo\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-09-11] (Citrix Online)

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://my.earthlink.net/"
    CHR Profile: C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default [2017-08-31]
    CHR Extension: (Google Slides) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-07]
    CHR Extension: (Google Docs) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-07]
    CHR Extension: (Google Drive) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-07]
    CHR Extension: (YouTube) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-07]
    CHR Extension: (Adobe Acrobat) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-07]
    CHR Extension: (Google Sheets) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-07]
    CHR Extension: (Google Docs Offline) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-07]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
    CHR Extension: (Gmail) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-07]
    CHR Extension: (Chrome Media Router) - C:\Users\Rabigalo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-12] (Microsoft Corporation)
    R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1509680 2017-07-13] (McAfee, Inc.)
    R3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHeciSvc.exe [303064 2017-02-20] (Intel Corporation)
    S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\IntelCpHDCPSvc.exe [480224 2017-02-20] (Intel Corporation)
    S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-08] (Dropbox, Inc.)
    S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-08] (Dropbox, Inc.)
    R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-08-22] (Dropbox, Inc.)
    R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
    R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
    R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
    R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
    R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
    R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [77648 2016-12-22] (Dell Inc.)
    R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [120872 2017-05-04] (Dell)
    R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
    R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-11-17] (Intel Corporation)
    R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxCUIService.exe [341976 2017-02-20] (Intel Corporation)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
    S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
    R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [990696 2017-07-20] (McAfee, Inc.)
    R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-30] (McAfee, Inc.)
    R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [242640 2017-06-21] (McAfee, Inc.)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
    R3 mfevtp; C:\Windows\system32\mfevtps.exe [350160 2017-06-21] (McAfee, Inc.)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1545880 2017-06-27] (McAfee, Inc.)
    S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-02-13] ()
    R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1043864 2017-07-31] (Intel Security, Inc.)
    S2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [80208 2016-05-26] (Dell)
    R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-05] (Realtek Semiconductor)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-18] (Microsoft Corporation)
    S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-08-04] (Dell Inc.)
    R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2015-12-22] (Waves Audio Ltd.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
    R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3743648 2017-02-13] (Intel® Corporation)
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77800 2017-06-26] (McAfee, Inc.)
    R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
    R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
    R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
    R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
    R3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [157312 2016-12-23] (FrescoLogic)
    S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209616 2017-07-26] (McAfee, Inc.)
    R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
    R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igdkmd64.sys [11060192 2017-02-20] (Intel Corporation)
    R0 lci_proxykmd; C:\WINDOWS\System32\drivers\lci_proxykmd.sys [100992 2016-12-22] (FrescoLogic)
    R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [487408 2017-06-26] (McAfee, Inc.)
    R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [355312 2017-06-26] (McAfee, Inc.)
    U3 mfeavfk01; no ImagePath
    S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84544 2017-06-26] (McAfee, Inc.)
    R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [506352 2017-06-26] (McAfee, Inc.)
    R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [933360 2017-06-26] (McAfee, Inc.)
    R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [504760 2017-05-31] (McAfee LLC.)
    S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108472 2017-05-31] (McAfee LLC.)
    R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116208 2017-06-26] (McAfee, Inc.)
    R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [253424 2017-06-26] (McAfee, Inc.)
    R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3526400 2017-03-09] (Intel Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-22] (Realtek )
    R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
    S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
    R2 {41E8078B-96D9-42DC-8789-A1CF102CD880}; C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl [29624 2016-03-28] (CyberLink Corp.)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Three Months Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-08-31 19:14 - 2017-08-31 19:15 - 000028717 _____ C:\Users\Rabigalo\Desktop\FRST.txt
    2017-08-31 19:12 - 2017-08-31 19:12 - 002395648 _____ (Farbar) C:\Users\Rabigalo\Desktop\FRST64.exe
    2017-08-31 19:11 - 2017-08-31 19:11 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-BIGGIE-Windows-10-Pro-(64-bit).dat
    2017-08-31 19:10 - 2017-08-31 19:11 - 000016813 _____ C:\WINDOWS\Tweaking.com - Registry Backup Setup Log.txt
    2017-08-31 19:10 - 2017-08-31 19:10 - 000002314 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2017-08-31 19:10 - 2017-08-31 19:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2017-08-31 19:03 - 2017-08-31 19:03 - 005766144 _____ (Tweaking.com) C:\Users\Rabigalo\Desktop\tweaking.com_registry_backup_setup.exe
    2017-08-31 18:50 - 2017-08-31 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
    2017-08-31 16:19 - 2017-08-31 16:20 - 000059500 _____ C:\Users\Rabigalo\Desktop\Addition.txt
    2017-08-31 16:17 - 2017-08-31 19:14 - 000000000 ____D C:\FRST
    2017-08-31 16:10 - 2017-08-31 16:10 - 000000000 ____D C:\RegBackup
    2017-08-31 16:09 - 2017-08-31 16:09 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
    2017-08-29 14:35 - 2017-08-29 14:35 - 000194414 _____ C:\Users\Rabigalo\Desktop\FEMA.pdf
    2017-08-24 16:09 - 2017-08-24 16:09 - 000147203 _____ C:\Users\Rabigalo\Desktop\Tracking Receipt for Cruise Line Class Action Settlement Form.pdf
    2017-08-23 23:56 - 2017-08-23 23:56 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
    2017-08-23 23:25 - 2017-08-23 23:45 - 000208183 _____ C:\Users\Rabigalo\Desktop\Voter Registration Form.pdf
    2017-08-23 22:39 - 2017-08-23 22:39 - 000953847 _____ C:\Users\Rabigalo\Desktop\Cruise Line Class Action Settlement Form.pdf
    2017-08-23 22:10 - 2017-08-23 22:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
    2017-08-23 18:17 - 2017-08-23 18:17 - 000058760 _____ C:\Users\Rabigalo\Desktop\Corporate Investigator - Job Details.pdf
    2017-08-22 12:55 - 2017-08-22 12:55 - 000049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
    2017-08-22 12:55 - 2017-08-22 12:55 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
    2017-08-22 12:55 - 2017-08-22 12:55 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
    2017-08-22 12:55 - 2017-08-22 12:55 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
    2017-08-20 20:27 - 2017-08-20 20:27 - 000003934 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
    2017-08-10 14:18 - 2017-08-10 14:18 - 002795709 _____ C:\Users\Rabigalo\Desktop\M452nw User Guide.pdf
    2017-08-10 14:17 - 2017-08-10 14:17 - 002795561 _____ C:\Users\Rabigalo\Downloads\document.pdf
    2017-08-09 01:11 - 2017-08-09 01:11 - 005763072 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
    2017-08-08 14:26 - 2017-07-31 22:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2017-08-08 14:26 - 2017-07-31 22:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2017-08-08 14:26 - 2017-07-31 22:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2017-08-08 14:26 - 2017-07-31 22:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
    2017-08-08 14:26 - 2017-07-31 22:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2017-08-08 14:26 - 2017-07-31 22:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2017-08-08 14:26 - 2017-07-31 22:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2017-08-08 14:26 - 2017-07-31 22:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2017-08-08 14:26 - 2017-07-31 22:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2017-08-08 14:26 - 2017-07-31 22:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2017-08-08 14:26 - 2017-07-31 22:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2017-08-08 14:26 - 2017-07-31 22:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
    2017-08-08 14:26 - 2017-07-31 22:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2017-08-08 14:26 - 2017-07-31 22:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2017-08-08 14:26 - 2017-07-31 22:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2017-08-08 14:26 - 2017-07-31 22:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2017-08-08 14:26 - 2017-07-31 22:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
    2017-08-08 14:26 - 2017-07-31 22:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
    2017-08-08 14:26 - 2017-07-31 22:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
    2017-08-08 14:26 - 2017-07-31 22:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2017-08-08 14:26 - 2017-07-31 22:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2017-08-08 14:26 - 2017-07-31 22:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
    2017-08-08 14:26 - 2017-07-31 22:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2017-08-08 14:26 - 2017-07-31 22:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
    2017-08-08 14:26 - 2017-07-31 22:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2017-08-08 14:26 - 2017-07-31 22:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2017-08-08 14:26 - 2017-07-31 22:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
    2017-08-08 14:26 - 2017-07-31 22:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2017-08-08 14:26 - 2017-07-31 22:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2017-08-08 14:26 - 2017-07-31 22:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
    2017-08-08 14:26 - 2017-07-31 22:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2017-08-08 14:26 - 2017-07-31 22:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2017-08-08 14:26 - 2017-07-31 22:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2017-08-08 14:26 - 2017-07-31 21:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2017-08-08 14:26 - 2017-07-31 21:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2017-08-08 14:26 - 2017-07-31 21:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2017-08-08 14:26 - 2017-07-31 21:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2017-08-08 14:26 - 2017-07-31 21:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2017-08-08 14:26 - 2017-07-31 21:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2017-08-08 14:26 - 2017-07-31 21:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2017-08-08 14:26 - 2017-07-31 21:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2017-08-08 14:26 - 2017-07-31 21:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
    2017-08-08 14:26 - 2017-07-31 18:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
    2017-08-08 14:26 - 2017-07-28 01:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2017-08-08 14:26 - 2017-07-28 01:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
    2017-08-08 14:26 - 2017-07-28 01:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
    2017-08-08 14:26 - 2017-07-28 01:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
    2017-08-08 14:26 - 2017-07-28 01:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
    2017-08-08 14:26 - 2017-07-28 01:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
    2017-08-08 14:26 - 2017-07-28 01:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2017-08-08 14:26 - 2017-07-28 01:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
    2017-08-08 14:26 - 2017-07-28 01:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
    2017-08-08 14:26 - 2017-07-28 00:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2017-08-08 14:26 - 2017-07-28 00:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
    2017-08-08 14:26 - 2017-07-28 00:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
    2017-08-08 14:26 - 2017-07-28 00:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2017-08-08 14:26 - 2017-07-28 00:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2017-08-08 14:26 - 2017-07-28 00:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
    2017-08-08 14:26 - 2017-07-28 00:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
    2017-08-08 14:26 - 2017-07-28 00:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
    2017-08-08 14:26 - 2017-07-28 00:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2017-08-08 14:26 - 2017-07-28 00:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
    2017-08-08 14:26 - 2017-07-28 00:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
    2017-08-08 14:26 - 2017-07-28 00:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
    2017-08-08 14:26 - 2017-07-28 00:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
    2017-08-08 14:26 - 2017-07-28 00:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
    2017-08-08 14:26 - 2017-07-28 00:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
    2017-08-08 14:26 - 2017-07-28 00:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
    2017-08-08 14:26 - 2017-07-28 00:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
    2017-08-08 14:26 - 2017-07-28 00:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2017-08-08 14:26 - 2017-07-28 00:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2017-08-08 14:26 - 2017-07-28 00:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
    2017-08-08 14:26 - 2017-07-28 00:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
    2017-08-08 14:26 - 2017-07-28 00:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
    2017-08-08 14:26 - 2017-07-28 00:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
    2017-08-08 14:26 - 2017-07-28 00:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
    2017-08-08 14:26 - 2017-07-28 00:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
    2017-08-08 14:26 - 2017-07-28 00:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
    2017-08-08 14:26 - 2017-07-28 00:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
    2017-08-08 14:26 - 2017-07-28 00:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2017-08-08 14:26 - 2017-07-28 00:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2017-08-08 14:26 - 2017-07-28 00:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
    2017-08-08 14:26 - 2017-07-28 00:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2017-08-08 14:26 - 2017-07-28 00:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
    2017-08-08 14:26 - 2017-07-28 00:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2017-08-08 14:26 - 2017-07-28 00:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
    2017-08-08 14:26 - 2017-07-28 00:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
    2017-08-08 14:26 - 2017-07-28 00:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2017-08-08 14:26 - 2017-07-28 00:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
    2017-08-08 14:26 - 2017-07-28 00:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2017-08-08 14:26 - 2017-07-28 00:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
    2017-08-08 14:26 - 2017-07-28 00:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2017-08-08 14:26 - 2017-07-28 00:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
    2017-08-08 14:26 - 2017-07-28 00:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
    2017-08-08 14:26 - 2017-07-28 00:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
    2017-08-08 14:26 - 2017-07-28 00:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
    2017-08-08 14:26 - 2017-07-28 00:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2017-08-08 14:26 - 2017-07-28 00:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2017-08-08 14:26 - 2017-07-28 00:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
    2017-08-08 14:26 - 2017-07-28 00:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2017-08-08 14:26 - 2017-07-28 00:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
    2017-08-08 14:26 - 2017-07-28 00:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2017-08-08 14:26 - 2017-07-28 00:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
    2017-08-08 14:26 - 2017-07-28 00:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2017-08-08 14:26 - 2017-07-28 00:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
    2017-08-08 14:26 - 2017-07-28 00:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
    2017-08-08 14:26 - 2017-07-28 00:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2017-08-08 14:26 - 2017-07-28 00:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
    2017-08-08 14:26 - 2017-07-28 00:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2017-08-08 14:26 - 2017-07-28 00:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
    2017-08-08 14:26 - 2017-07-28 00:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2017-08-08 14:26 - 2017-07-28 00:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
    2017-08-08 14:26 - 2017-07-28 00:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
    2017-08-08 14:26 - 2017-07-28 00:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
    2017-08-08 14:26 - 2017-07-28 00:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
    2017-08-08 14:26 - 2017-07-28 00:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
    2017-08-08 14:25 - 2017-07-31 22:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2017-08-08 14:25 - 2017-07-31 22:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2017-08-08 14:25 - 2017-07-31 22:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2017-08-08 14:25 - 2017-07-31 22:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2017-08-08 14:25 - 2017-07-31 22:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2017-08-08 14:25 - 2017-07-31 22:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2017-08-08 14:25 - 2017-07-31 22:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2017-08-08 14:25 - 2017-07-31 22:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2017-08-08 14:25 - 2017-07-31 22:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2017-08-08 14:25 - 2017-07-31 22:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2017-08-08 14:25 - 2017-07-31 22:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2017-08-08 14:25 - 2017-07-31 22:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2017-08-08 14:25 - 2017-07-31 22:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2017-08-08 14:25 - 2017-07-31 22:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2017-08-08 14:25 - 2017-07-31 22:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
    2017-08-08 14:25 - 2017-07-31 22:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
    2017-08-08 14:25 - 2017-07-31 22:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
    2017-08-08 14:25 - 2017-07-31 22:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2017-08-08 14:25 - 2017-07-31 21:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2017-08-08 14:25 - 2017-07-31 21:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2017-08-08 14:25 - 2017-07-31 21:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2017-08-08 14:25 - 2017-07-31 21:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2017-08-08 14:25 - 2017-07-31 21:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2017-08-08 14:25 - 2017-07-31 21:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
    2017-08-08 14:25 - 2017-07-31 21:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2017-08-08 14:25 - 2017-07-31 21:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
    2017-08-08 14:25 - 2017-07-31 21:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
    2017-08-08 14:25 - 2017-07-31 21:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2017-08-08 14:25 - 2017-07-31 21:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
    2017-08-08 14:25 - 2017-07-31 21:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2017-08-08 14:25 - 2017-07-31 21:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2017-08-08 14:25 - 2017-07-31 21:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
    2017-08-08 14:25 - 2017-07-31 21:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
    2017-08-08 14:25 - 2017-07-31 21:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
    2017-08-08 14:25 - 2017-07-31 21:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
    2017-08-08 14:25 - 2017-07-31 21:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
    2017-08-08 14:25 - 2017-07-31 21:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
    2017-08-08 14:25 - 2017-07-31 21:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2017-08-08 14:25 - 2017-07-31 21:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
    2017-08-08 14:25 - 2017-07-31 21:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2017-08-08 14:25 - 2017-07-31 21:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2017-08-08 14:25 - 2017-07-31 21:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2017-08-08 14:25 - 2017-07-31 21:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2017-08-08 14:25 - 2017-07-31 21:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
    2017-08-08 14:25 - 2017-07-31 21:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2017-08-08 14:25 - 2017-07-31 21:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
    2017-08-08 14:25 - 2017-07-31 21:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
    2017-08-08 14:25 - 2017-07-31 21:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2017-08-08 14:25 - 2017-07-31 21:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
    2017-08-08 14:25 - 2017-07-31 21:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2017-08-08 14:25 - 2017-07-31 21:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2017-08-08 14:25 - 2017-07-31 21:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
    2017-08-08 14:25 - 2017-07-31 21:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2017-08-08 14:25 - 2017-07-31 21:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
    2017-08-08 14:25 - 2017-07-28 01:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
    2017-08-08 14:25 - 2017-07-28 01:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2017-08-08 14:25 - 2017-07-28 01:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2017-08-08 14:25 - 2017-07-28 01:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
    2017-08-08 14:25 - 2017-07-28 01:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
    2017-08-08 14:25 - 2017-07-28 01:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
    2017-08-08 14:25 - 2017-07-28 01:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
    2017-08-08 14:25 - 2017-07-28 01:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2017-08-08 14:25 - 2017-07-28 01:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2017-08-08 14:25 - 2017-07-28 01:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
    2017-08-08 14:25 - 2017-07-28 01:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
    2017-08-08 14:25 - 2017-07-28 01:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
    2017-08-08 14:25 - 2017-07-28 01:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
    2017-08-08 14:25 - 2017-07-28 01:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
    2017-08-08 14:25 - 2017-07-28 01:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
    2017-08-08 14:25 - 2017-07-28 01:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2017-08-08 14:25 - 2017-07-28 01:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2017-08-08 14:25 - 2017-07-28 01:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
    2017-08-08 14:25 - 2017-07-28 01:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
    2017-08-08 14:25 - 2017-07-28 01:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
    2017-08-08 14:25 - 2017-07-28 01:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2017-08-08 14:25 - 2017-07-28 01:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2017-08-08 14:25 - 2017-07-28 01:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2017-08-08 14:25 - 2017-07-28 01:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
    2017-08-08 14:25 - 2017-07-28 01:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
    2017-08-08 14:25 - 2017-07-28 01:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
    2017-08-08 14:25 - 2017-07-28 01:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
    2017-08-08 14:25 - 2017-07-28 00:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
    2017-08-08 14:25 - 2017-07-28 00:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
    2017-08-08 14:25 - 2017-07-28 00:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
    2017-08-08 14:25 - 2017-07-28 00:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
    2017-08-08 14:25 - 2017-07-28 00:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
    2017-08-08 14:25 - 2017-07-28 00:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
    2017-08-08 14:25 - 2017-07-28 00:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
    2017-08-08 14:25 - 2017-07-28 00:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
    2017-08-08 14:25 - 2017-07-28 00:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
    2017-08-08 14:25 - 2017-07-28 00:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
    2017-08-08 14:25 - 2017-07-28 00:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
    2017-08-08 14:25 - 2017-07-28 00:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2017-08-08 14:25 - 2017-07-28 00:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
    2017-08-08 14:25 - 2017-07-28 00:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
    2017-08-08 14:25 - 2017-07-28 00:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
    2017-08-08 14:25 - 2017-07-28 00:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
    2017-08-08 14:25 - 2017-07-28 00:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
    2017-08-08 14:25 - 2017-07-28 00:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2017-08-08 14:25 - 2017-07-28 00:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2017-08-08 14:25 - 2017-07-28 00:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
    2017-08-08 14:25 - 2017-07-28 00:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
    2017-08-08 14:25 - 2017-07-28 00:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
    2017-08-08 14:25 - 2017-07-28 00:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
    2017-08-08 14:25 - 2017-07-28 00:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
    2017-08-08 14:25 - 2017-07-28 00:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
    2017-08-08 14:25 - 2017-07-28 00:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2017-08-08 14:25 - 2017-07-28 00:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
    2017-08-08 14:25 - 2017-07-28 00:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
    2017-08-08 14:25 - 2017-07-28 00:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
    2017-08-08 14:25 - 2017-07-28 00:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
    2017-08-08 14:25 - 2017-07-28 00:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2017-08-08 14:25 - 2017-07-28 00:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2017-08-08 14:25 - 2017-07-28 00:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
    2017-08-08 14:25 - 2017-07-28 00:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
    2017-08-08 14:25 - 2017-07-28 00:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2017-08-08 14:25 - 2017-07-28 00:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
    2017-08-08 14:25 - 2017-07-28 00:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2017-08-08 14:25 - 2017-07-28 00:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2017-08-08 14:25 - 2017-07-28 00:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
    2017-08-08 14:25 - 2017-07-28 00:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
    2017-08-08 14:25 - 2017-07-28 00:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
    2017-08-08 14:25 - 2017-07-28 00:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2017-08-08 14:25 - 2017-07-28 00:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
    2017-08-08 14:25 - 2017-07-28 00:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2017-08-08 14:25 - 2017-07-28 00:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2017-08-08 14:25 - 2017-07-28 00:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2017-08-08 14:25 - 2017-07-28 00:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
    2017-08-08 14:25 - 2017-07-28 00:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2017-08-08 14:25 - 2017-07-28 00:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
    2017-08-08 14:25 - 2017-07-28 00:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
    2017-08-08 14:25 - 2017-07-28 00:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2017-08-08 14:25 - 2017-07-28 00:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2017-08-08 14:25 - 2017-07-28 00:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
    2017-08-08 14:25 - 2017-07-28 00:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
    2017-08-08 14:25 - 2017-07-28 00:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2017-08-08 14:25 - 2017-07-28 00:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
    2017-08-08 14:25 - 2017-07-28 00:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2017-08-08 14:25 - 2017-07-28 00:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
    2017-08-08 14:25 - 2017-07-28 00:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
    2017-08-08 14:25 - 2017-07-28 00:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
    2017-08-08 14:25 - 2017-07-28 00:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2017-08-08 14:25 - 2017-07-28 00:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2017-08-08 14:25 - 2017-07-28 00:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2017-08-08 14:25 - 2017-07-28 00:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2017-08-08 14:25 - 2017-07-28 00:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2017-08-08 14:25 - 2017-07-28 00:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
    2017-08-08 14:25 - 2017-07-28 00:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
    2017-08-08 14:25 - 2017-07-28 00:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
    2017-08-08 14:25 - 2017-07-28 00:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
    2017-08-08 14:25 - 2017-07-28 00:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
    2017-08-08 14:25 - 2017-07-28 00:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
    2017-08-08 14:25 - 2017-07-28 00:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
    2017-08-08 14:25 - 2017-07-28 00:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
    2017-08-08 14:25 - 2017-07-28 00:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
    2017-08-08 14:25 - 2017-07-28 00:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
    2017-08-08 14:25 - 2017-07-28 00:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
    2017-08-08 14:25 - 2017-07-28 00:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
    2017-08-08 14:25 - 2017-07-28 00:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
    2017-08-08 14:25 - 2017-07-28 00:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
    2017-08-08 14:25 - 2017-07-28 00:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
    2017-07-19 22:32 - 2017-07-19 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
    2017-07-19 22:30 - 2017-07-19 22:30 - 000001824 _____ C:\Users\Public\Desktop\iTunes.lnk
    2017-07-19 22:30 - 2017-07-19 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2017-07-19 22:29 - 2017-07-19 22:30 - 000000000 ____D C:\Program Files\iTunes
    2017-07-19 22:29 - 2017-07-19 22:29 - 000000000 ____D C:\Program Files\iPod
    2017-07-18 14:34 - 2017-08-29 13:33 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3267101396-1119176653-3220088351-1001
    2017-07-12 12:44 - 2017-07-12 12:49 - 000333671 _____ C:\Users\Rabigalo\Desktop\CMS Change of Address - Alexandria.pdf
    2017-07-12 12:35 - 2017-07-12 12:49 - 000539878 _____ C:\Users\Rabigalo\Documents\CMS Change of Address - McKenzie.pdf
    2017-07-12 12:31 - 2017-07-12 12:40 - 000464439 _____ C:\Users\Rabigalo\Documents\CMS Change of Address - Alexandria.pdf
    2017-07-12 12:28 - 2017-07-12 12:28 - 000207932 _____ C:\Users\Rabigalo\Desktop\CMS Change of Address.pdf
    2017-07-11 14:35 - 2017-07-07 03:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
    2017-07-11 14:35 - 2017-07-07 03:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
    2017-07-11 14:35 - 2017-07-07 03:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
    2017-07-11 14:35 - 2017-07-07 03:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
    2017-07-11 14:35 - 2017-07-07 03:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
    2017-07-11 14:35 - 2017-07-07 03:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2017-07-11 14:35 - 2017-07-07 02:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2017-07-11 14:35 - 2017-07-07 02:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
    2017-07-11 14:35 - 2017-07-07 02:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
    2017-07-11 14:35 - 2017-07-07 02:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
    2017-07-11 14:35 - 2017-07-07 02:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2017-07-11 14:35 - 2017-07-07 02:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
    2017-07-11 14:35 - 2017-07-07 02:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
    2017-07-11 14:35 - 2017-07-07 02:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
    2017-07-11 14:35 - 2017-07-07 02:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
    2017-07-11 14:35 - 2017-07-07 02:24 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
    2017-07-11 14:35 - 2017-07-07 02:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
    2017-07-11 14:35 - 2017-07-07 02:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
    2017-07-11 14:35 - 2017-07-07 02:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2017-07-11 14:35 - 2017-07-07 02:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
    2017-07-11 14:35 - 2017-07-07 02:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
    2017-07-11 14:35 - 2017-07-07 02:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2017-07-11 14:35 - 2017-07-07 02:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2017-07-11 14:35 - 2017-07-07 02:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
    2017-07-11 14:35 - 2017-07-07 02:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2017-07-11 14:35 - 2017-07-07 02:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
    2017-07-11 14:35 - 2017-07-07 02:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
    2017-07-11 14:35 - 2017-07-07 02:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
    2017-07-11 14:35 - 2017-07-07 02:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
    2017-07-11 14:35 - 2017-07-07 02:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
    2017-07-11 14:35 - 2017-07-07 02:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
    2017-07-11 14:35 - 2017-07-07 02:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2017-07-11 14:35 - 2017-07-07 02:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2017-07-11 14:35 - 2017-07-07 02:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2017-07-11 14:35 - 2017-07-07 02:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2017-07-11 14:35 - 2017-07-07 02:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
    2017-07-11 14:35 - 2017-07-07 02:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
    2017-07-11 14:35 - 2017-07-07 02:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
    2017-07-11 14:35 - 2017-07-07 01:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2017-07-11 14:35 - 2017-07-07 01:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
    2017-07-11 14:35 - 2017-07-07 01:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
    2017-07-11 14:35 - 2017-07-07 01:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
    2017-07-11 14:35 - 2017-07-07 01:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
    2017-07-11 14:35 - 2017-07-07 01:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
    2017-07-11 14:35 - 2017-07-07 01:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
    2017-07-11 14:35 - 2017-07-07 01:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
    2017-07-11 14:35 - 2017-07-07 01:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
    2017-07-11 14:35 - 2017-06-20 02:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
    2017-07-11 14:35 - 2017-06-20 01:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
    2017-07-11 14:35 - 2017-06-20 01:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2017-07-11 14:35 - 2017-06-20 01:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
    2017-07-11 14:35 - 2017-06-20 01:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2017-07-11 14:35 - 2017-06-20 01:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
    2017-07-11 14:35 - 2017-06-20 01:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2017-07-11 14:35 - 2017-06-20 01:12 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
    2017-07-11 14:35 - 2017-06-20 01:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
    2017-07-11 14:35 - 2017-06-20 01:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2017-07-11 14:35 - 2017-06-20 01:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
    2017-07-11 14:35 - 2017-06-20 01:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
    2017-07-11 14:35 - 2017-06-20 01:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2017-07-11 14:35 - 2017-06-20 01:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2017-07-11 14:35 - 2017-06-20 01:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
    2017-07-11 14:35 - 2017-06-20 01:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
    2017-07-11 14:35 - 2017-06-20 01:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2017-07-11 14:35 - 2017-06-20 01:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2017-07-11 14:35 - 2017-06-20 01:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
    2017-07-11 14:35 - 2017-06-20 01:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
    2017-07-11 14:35 - 2017-06-20 01:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
    2017-07-11 14:35 - 2017-06-20 01:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
    2017-07-11 14:35 - 2017-06-20 01:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2017-07-11 14:35 - 2017-06-20 01:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
    2017-07-11 14:35 - 2017-06-20 01:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
    2017-07-11 14:35 - 2017-06-20 01:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2017-07-11 14:35 - 2017-06-20 01:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
    2017-07-11 14:35 - 2017-06-20 01:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2017-07-11 14:35 - 2017-06-20 01:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
    2017-07-11 14:35 - 2017-06-20 01:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
    2017-07-11 14:35 - 2017-06-20 01:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
    2017-07-11 14:35 - 2017-06-20 01:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
    2017-07-11 14:35 - 2017-06-20 01:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2017-07-11 14:35 - 2017-06-20 01:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
    2017-07-11 14:35 - 2017-06-20 01:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
    2017-07-11 14:35 - 2017-06-20 01:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
    2017-07-11 14:35 - 2017-06-20 01:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2017-07-11 14:35 - 2017-06-20 00:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2017-07-11 14:35 - 2017-06-20 00:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2017-07-11 14:35 - 2017-06-20 00:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
    2017-07-11 14:35 - 2017-06-20 00:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
    2017-07-11 14:35 - 2017-06-20 00:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2017-07-11 14:35 - 2017-06-20 00:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
    2017-07-11 14:35 - 2017-06-20 00:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2017-07-11 14:35 - 2017-06-20 00:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
    2017-07-11 14:35 - 2017-06-20 00:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
    2017-07-11 14:35 - 2017-06-20 00:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
    2017-07-11 14:35 - 2017-06-20 00:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
    2017-07-11 14:35 - 2017-06-20 00:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
    2017-07-11 14:35 - 2017-06-20 00:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
    2017-07-11 14:35 - 2017-06-20 00:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
    2017-07-11 14:35 - 2017-06-20 00:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2017-07-11 14:35 - 2017-06-20 00:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
    2017-07-11 14:35 - 2017-06-20 00:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
    2017-07-11 14:35 - 2017-06-20 00:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
    2017-07-11 14:35 - 2017-06-20 00:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
    2017-07-11 14:35 - 2017-06-20 00:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
    2017-07-11 14:35 - 2017-06-20 00:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
    2017-07-11 14:35 - 2017-06-20 00:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2017-07-11 14:35 - 2017-06-20 00:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
    2017-07-11 14:35 - 2017-06-20 00:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
    2017-07-11 14:35 - 2017-06-20 00:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
    2017-07-11 14:35 - 2017-06-20 00:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
    2017-07-11 14:35 - 2017-06-20 00:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
    2017-07-11 14:35 - 2017-06-20 00:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
    2017-07-11 14:35 - 2017-06-20 00:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
    2017-07-11 14:35 - 2017-06-20 00:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
    2017-07-11 14:35 - 2017-06-20 00:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2017-07-11 14:35 - 2017-06-20 00:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
    2017-07-11 14:35 - 2017-06-20 00:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
    2017-07-11 14:35 - 2017-06-20 00:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
    2017-07-11 14:35 - 2017-06-20 00:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2017-07-11 14:35 - 2017-06-20 00:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
    2017-07-11 14:35 - 2017-06-20 00:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2017-07-11 14:35 - 2017-06-20 00:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2017-07-11 14:35 - 2017-06-20 00:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2017-07-11 14:35 - 2017-06-20 00:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
    2017-07-11 14:35 - 2017-06-20 00:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
    2017-07-11 14:35 - 2017-06-20 00:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
    2017-07-11 14:35 - 2017-06-20 00:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
    2017-07-11 14:35 - 2017-06-20 00:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
    2017-07-11 14:35 - 2017-06-20 00:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
    2017-07-11 14:35 - 2017-06-20 00:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2017-07-11 14:35 - 2017-06-20 00:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
    2017-07-11 14:34 - 2017-07-07 10:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
    2017-07-11 14:34 - 2017-07-07 03:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2017-07-11 14:34 - 2017-07-07 03:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2017-07-11 14:34 - 2017-07-07 03:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
    2017-07-11 14:34 - 2017-07-07 03:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
    2017-07-11 14:34 - 2017-07-07 03:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2017-07-11 14:34 - 2017-07-07 03:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2017-07-11 14:34 - 2017-07-07 03:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2017-07-11 14:34 - 2017-07-07 03:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2017-07-11 14:34 - 2017-07-07 03:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
    2017-07-11 14:34 - 2017-07-07 03:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2017-07-11 14:34 - 2017-07-07 03:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2017-07-11 14:34 - 2017-07-07 03:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
    2017-07-11 14:34 - 2017-07-07 03:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
    2017-07-11 14:34 - 2017-07-07 03:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
    2017-07-11 14:34 - 2017-07-07 03:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2017-07-11 14:34 - 2017-07-07 03:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
    2017-07-11 14:34 - 2017-07-07 03:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 001458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
    2017-07-11 14:34 - 2017-07-07 03:08 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
    2017-07-11 14:34 - 2017-07-07 03:08 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
    2017-07-11 14:34 - 2017-07-07 03:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
    2017-07-11 14:34 - 2017-07-07 03:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
    2017-07-11 14:34 - 2017-07-07 02:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
    2017-07-11 14:34 - 2017-07-07 02:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2017-07-11 14:34 - 2017-07-07 02:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2017-07-11 14:34 - 2017-07-07 02:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
    2017-07-11 14:34 - 2017-07-07 02:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
    2017-07-11 14:34 - 2017-07-07 02:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
    2017-07-11 14:34 - 2017-07-07 02:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
    2017-07-11 14:34 - 2017-07-07 02:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
    2017-07-11 14:34 - 2017-07-07 02:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2017-07-11 14:34 - 2017-07-07 02:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
    2017-07-11 14:34 - 2017-07-07 02:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
    2017-07-11 14:34 - 2017-07-07 02:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2017-07-11 14:34 - 2017-07-07 02:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2017-07-11 14:34 - 2017-07-07 02:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
    2017-07-11 14:34 - 2017-07-07 02:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
    2017-07-11 14:34 - 2017-07-07 02:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
    2017-07-11 14:34 - 2017-07-07 02:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
    2017-07-11 14:34 - 2017-07-07 02:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2017-07-11 14:34 - 2017-07-07 02:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
    2017-07-11 14:34 - 2017-07-07 02:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2017-07-11 14:34 - 2017-07-07 02:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
    2017-07-11 14:34 - 2017-07-07 02:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
    2017-07-11 14:34 - 2017-07-07 02:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2017-07-11 14:34 - 2017-07-07 02:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2017-07-11 14:34 - 2017-07-07 02:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2017-07-11 14:34 - 2017-07-07 02:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2017-07-11 14:34 - 2017-07-07 02:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
    2017-07-11 14:34 - 2017-07-07 02:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2017-07-11 14:34 - 2017-07-07 02:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
    2017-07-11 14:34 - 2017-07-07 02:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2017-07-11 14:34 - 2017-07-07 02:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
    2017-07-11 14:34 - 2017-07-07 02:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
    2017-07-11 14:34 - 2017-07-07 02:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2017-07-11 14:34 - 2017-07-07 02:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
    2017-07-11 14:34 - 2017-07-07 02:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
    2017-07-11 14:34 - 2017-07-07 02:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
    2017-07-11 14:34 - 2017-07-07 02:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
    2017-07-11 14:34 - 2017-07-07 02:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
    2017-07-11 14:34 - 2017-07-07 02:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
    2017-07-11 14:34 - 2017-07-07 02:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2017-07-11 14:34 - 2017-07-07 02:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
    2017-07-11 14:34 - 2017-07-07 02:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
    2017-07-11 14:34 - 2017-07-07 02:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
    2017-07-11 14:34 - 2017-07-01 18:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
    2017-07-11 14:34 - 2017-06-20 02:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2017-07-11 14:34 - 2017-06-20 02:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2017-07-11 14:34 - 2017-06-20 02:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2017-07-11 14:34 - 2017-06-20 02:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2017-07-11 14:34 - 2017-06-20 02:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2017-07-11 14:34 - 2017-06-20 02:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2017-07-11 14:34 - 2017-06-20 02:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2017-07-11 14:34 - 2017-06-20 02:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2017-07-11 14:34 - 2017-06-20 02:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2017-07-11 14:34 - 2017-06-20 02:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2017-07-11 14:34 - 2017-06-20 02:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2017-07-11 14:34 - 2017-06-20 02:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
    2017-07-11 14:34 - 2017-06-20 02:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2017-07-11 14:34 - 2017-06-20 02:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
    2017-07-11 14:34 - 2017-06-20 02:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
    2017-07-11 14:34 - 2017-06-20 02:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2017-07-11 14:34 - 2017-06-20 02:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
    2017-07-11 14:34 - 2017-06-20 02:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
    2017-07-11 14:34 - 2017-06-20 02:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
    2017-07-11 14:34 - 2017-06-20 02:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
    2017-07-11 14:34 - 2017-06-20 02:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
    2017-07-11 14:34 - 2017-06-20 02:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
    2017-07-11 14:34 - 2017-06-20 01:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2017-07-11 14:34 - 2017-06-20 01:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
    2017-07-11 14:34 - 2017-06-20 01:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
    2017-07-11 14:34 - 2017-06-20 01:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
    2017-07-11 14:34 - 2017-06-20 01:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
    2017-07-11 14:34 - 2017-06-20 01:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
    2017-07-11 14:34 - 2017-06-20 01:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
    2017-07-11 14:34 - 2017-06-20 01:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2017-07-11 14:34 - 2017-06-20 01:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
    2017-07-11 14:34 - 2017-06-20 01:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
    2017-07-11 14:34 - 2017-06-20 01:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2017-07-11 14:34 - 2017-06-20 01:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
    2017-07-11 14:34 - 2017-06-20 01:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
    2017-07-11 14:34 - 2017-06-20 01:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
    2017-07-11 14:34 - 2017-06-20 01:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
    2017-07-11 14:34 - 2017-06-20 01:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
    2017-07-11 14:34 - 2017-06-20 01:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2017-07-11 14:34 - 2017-06-20 01:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
    2017-07-11 14:34 - 2017-06-20 01:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
    2017-07-11 14:34 - 2017-06-20 01:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
    2017-07-11 14:34 - 2017-06-20 01:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
    2017-07-11 14:34 - 2017-06-20 01:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
    2017-07-11 14:34 - 2017-06-20 01:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
    2017-07-11 14:34 - 2017-06-20 01:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
    2017-07-11 14:34 - 2017-06-20 01:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2017-07-11 14:34 - 2017-06-20 01:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
    2017-07-11 14:34 - 2017-06-20 01:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2017-07-11 14:34 - 2017-06-20 01:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
    2017-07-11 14:34 - 2017-06-20 01:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
    2017-07-11 14:34 - 2017-06-20 01:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2017-07-11 14:34 - 2017-06-20 01:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
    2017-07-11 14:34 - 2017-06-20 01:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
    2017-07-11 14:34 - 2017-06-20 01:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
    2017-07-11 14:34 - 2017-06-20 01:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
    2017-07-11 14:34 - 2017-06-20 01:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
    2017-07-11 14:34 - 2017-06-20 01:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
    2017-07-11 14:34 - 2017-06-20 01:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2017-07-11 14:34 - 2017-06-20 01:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
    2017-07-11 14:34 - 2017-06-20 01:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
    2017-07-11 14:34 - 2017-06-20 01:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
    2017-07-11 14:34 - 2017-06-20 01:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
    2017-07-11 14:34 - 2017-06-20 01:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
    2017-07-11 14:34 - 2017-06-20 01:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
    2017-07-11 14:34 - 2017-06-20 01:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2017-07-11 14:34 - 2017-06-20 01:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2017-07-11 14:34 - 2017-06-20 01:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
    2017-07-11 14:34 - 2017-06-20 01:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2017-07-11 14:34 - 2017-06-20 01:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
    2017-07-11 14:34 - 2017-06-20 01:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2017-07-11 14:34 - 2017-06-20 01:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2017-07-11 14:34 - 2017-06-20 01:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2017-07-11 14:34 - 2017-06-20 01:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
    2017-07-11 14:34 - 2017-06-20 01:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2017-07-11 14:34 - 2017-06-20 01:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
    2017-07-11 14:34 - 2017-06-20 01:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
    2017-07-11 14:34 - 2017-06-20 00:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2017-07-11 14:34 - 2017-06-20 00:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
    2017-07-11 14:34 - 2017-06-20 00:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
    2017-07-11 14:34 - 2017-06-20 00:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
    2017-07-10 21:02 - 2017-07-10 21:21 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\LogMeIn Rescue Applet
    2017-07-10 21:01 - 2017-07-10 21:01 - 001650728 _____ (LogMeIn, Inc.) C:\Users\Rabigalo\Downloads\Support-LogMeInRescue.exe
    2017-07-07 21:48 - 2017-08-28 17:54 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2017-07-07 21:48 - 2017-08-28 17:54 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2017-07-07 21:48 - 2017-07-07 21:48 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-07-07 21:48 - 2017-07-07 21:48 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-07-07 21:48 - 2017-07-07 21:48 - 000000000 ____D C:\Program Files (x86)\Google
    2017-07-07 21:46 - 2017-07-07 22:02 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\Google
    2017-07-07 21:45 - 2017-07-07 21:45 - 001130328 _____ (Google Inc.) C:\Users\Rabigalo\Downloads\ChromeSetup(1).exe
    2017-07-06 13:06 - 2017-07-06 13:06 - 000003900 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
    2017-07-06 13:05 - 2017-08-20 20:26 - 000000000 ____D C:\ProgramData\SupportAssist
    2017-07-06 13:05 - 2017-07-06 13:05 - 000000000 ____D C:\ProgramData\SupportAssistAgent
    2017-07-01 20:59 - 2017-07-01 20:59 - 000000000 ____D C:\Program Files\Fresco Logic
    2017-07-01 20:59 - 2017-07-01 20:59 - 000000000 ____D C:\Program Files\DIFX
    2017-07-01 20:55 - 2017-07-01 20:55 - 000000000 ____D C:\Users\Rabigalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
    2017-07-01 20:55 - 2017-07-01 20:55 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\Deployment
    2017-07-01 20:53 - 2017-07-01 20:53 - 000000000 ____D C:\ProgramData\Citrix
    2017-07-01 20:52 - 2017-07-01 20:52 - 000000000 ____D C:\Program Files (x86)\Citrix
    2017-06-28 14:54 - 2017-06-28 14:54 - 000000000 ____D C:\Program Files (x86)\Dell Update
    2017-06-27 23:10 - 2017-07-08 21:41 - 000065436 _____ C:\Users\Rabigalo\Desktop\10507 Royal Winchester Drive Move in Check list.pdf
    2017-06-26 17:26 - 2017-08-10 13:53 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\ElevatedDiagnostics
    2017-06-26 17:19 - 2017-07-06 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2017-06-26 17:19 - 2017-07-06 22:20 - 000000000 ____D C:\Users\Rabigalo\Desktop\HP
    2017-06-26 17:19 - 2017-06-26 17:19 - 000001331 _____ C:\Users\Public\Desktop\HP CLJM477 Scan.lnk
    2017-06-26 17:19 - 2017-06-26 17:19 - 000000986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
    2017-06-26 17:18 - 2017-07-06 22:21 - 000000000 ____D C:\Program Files (x86)\HP
    2017-06-26 17:17 - 2017-06-26 17:23 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\HP
    2017-06-26 17:17 - 2017-06-26 17:17 - 000000000 ____D C:\HP_Color_LaserJet_Pro_MFP_M477
    2017-06-26 17:17 - 2015-03-26 05:38 - 001022984 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpptsplj477_x64.dll
    2017-06-26 17:17 - 2015-03-26 05:38 - 000828936 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\hpptsplj477.dll
    2017-06-26 17:17 - 2015-03-26 05:38 - 000580616 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpwia2_lj477.dll
    2017-06-26 17:17 - 2015-03-26 05:38 - 000217656 _____ (Hewlett Packard) C:\WINDOWS\system32\hppscancoins64.dll
    2017-06-26 17:17 - 2014-06-18 18:34 - 000555296 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzjcd01scan.dll
    2017-06-26 17:16 - 2017-06-26 17:17 - 138198824 _____ C:\Users\Rabigalo\Downloads\HP_Color_LJ_Pro_MFP_M477-PCL-6_v4_Print_Driver_17062.exe
    2017-06-26 17:10 - 2017-06-26 17:17 - 000000000 ____D C:\Users\Rabigalo\AppData\Roaming\HP_Easy_Start
    2017-06-26 17:10 - 2017-06-26 17:17 - 000000000 ____D C:\ProgramData\HP
    2017-06-26 17:08 - 2017-06-26 17:08 - 005873288 _____ C:\Users\Rabigalo\Downloads\HPEasyStart_5_5_3253_26.exe
    2017-06-21 14:27 - 2017-06-21 14:27 - 000025160 _____ C:\Users\Rabigalo\Downloads\TSP Tracking - 2017.xlsx
    2017-06-17 17:05 - 2017-06-16 12:04 - 004788136 _____ C:\Users\Rabigalo\Desktop\don't mean a thing - 9_30_16, 8.10 AM.m4a
    2017-06-17 17:04 - 2017-06-17 17:04 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\DBG
    2017-06-14 21:58 - 2017-06-14 22:11 - 000000000 ____D C:\Users\Rabigalo\Documents\OPM Personnel File
    2017-06-13 15:08 - 2017-06-03 06:15 - 001596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2017-06-13 15:08 - 2017-06-03 06:15 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2017-06-13 15:08 - 2017-06-03 06:09 - 001003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
    2017-06-13 15:08 - 2017-06-03 06:00 - 000219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2017-06-13 15:08 - 2017-06-03 05:59 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2017-06-13 15:08 - 2017-06-03 05:59 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2017-06-13 15:08 - 2017-06-03 05:59 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2017-06-13 15:08 - 2017-06-03 05:26 - 000266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
    2017-06-13 15:08 - 2017-06-03 05:23 - 000573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
    2017-06-13 15:08 - 2017-06-03 05:14 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2017-06-13 15:08 - 2017-06-03 05:14 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2017-06-13 15:08 - 2017-06-03 05:12 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2017-06-13 15:08 - 2017-06-03 05:11 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2017-06-13 15:08 - 2017-06-03 05:11 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2017-06-13 15:08 - 2017-06-03 05:11 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2017-06-13 15:08 - 2017-06-03 05:11 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
    2017-06-13 15:08 - 2017-06-03 05:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2017-06-13 15:08 - 2017-06-03 05:10 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2017-06-13 15:08 - 2017-06-03 05:09 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
    2017-06-13 15:08 - 2017-06-03 05:09 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
    2017-06-13 15:08 - 2017-06-03 05:09 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2017-06-13 15:08 - 2017-06-03 05:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2017-06-13 15:08 - 2017-06-03 05:05 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
    2017-06-13 15:08 - 2017-06-03 05:05 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
    2017-06-13 15:08 - 2017-06-03 05:00 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2017-06-13 15:08 - 2017-06-03 04:59 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
    2017-06-13 15:08 - 2017-06-03 04:58 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2017-06-13 15:08 - 2017-06-03 04:58 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
    2017-06-13 15:08 - 2017-06-03 04:57 - 006535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
    2017-06-13 15:08 - 2017-06-03 04:57 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2017-06-13 15:08 - 2017-06-03 04:54 - 002341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2017-06-13 15:08 - 2017-06-03 04:54 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
    2017-06-13 15:08 - 2017-06-03 04:51 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
    2017-06-13 15:07 - 2017-06-03 06:10 - 000130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
    2017-06-13 15:07 - 2017-06-03 06:00 - 000321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
    2017-06-13 15:07 - 2017-06-03 05:58 - 000660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
    2017-06-13 15:07 - 2017-06-03 05:10 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
    2017-06-13 15:07 - 2017-06-03 05:01 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
    2017-06-13 15:07 - 2017-06-03 04:59 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2017-06-07 19:47 - 2017-08-30 20:01 - 000026467 _____ C:\Users\Rabigalo\Documents\TSP Tracking With Share Prices - 2017.xlsx
    2017-06-07 19:47 - 2017-08-30 20:00 - 000028536 _____ C:\Users\Rabigalo\Documents\TSP Tracking - 2017.xlsx

    ==================== Three Months Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2017-08-31 19:10 - 2017-03-18 17:03 - 000000000 ___HD C:\Program Files\WindowsApps
    2017-08-31 19:10 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\AppReadiness
    2017-08-31 19:05 - 2016-09-08 18:26 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
    2017-08-31 19:05 - 2016-09-08 18:26 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
    2017-08-31 18:51 - 2016-11-16 19:23 - 000000000 ____D C:\Users\Rabigalo\AppData\LocalLow\Mozilla
    2017-08-31 18:47 - 2016-09-08 16:45 - 000000000 __SHD C:\Users\Rabigalo\IntelGraphicsProfiles
    2017-08-31 18:46 - 2017-05-26 15:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2017-08-31 18:46 - 2017-05-26 14:55 - 000400928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2017-08-31 18:45 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2017-08-31 18:45 - 2017-03-18 07:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
    2017-08-31 18:29 - 2017-05-26 15:00 - 000000000 ____D C:\Users\Rabigalo
    2017-08-31 18:26 - 2017-03-18 17:03 - 000000000 ___RD C:\Program Files\Windows Defender
    2017-08-31 18:26 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2017-08-31 18:26 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2017-08-31 18:26 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2017-08-31 18:26 - 2016-09-02 12:49 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
    2017-08-31 18:16 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\registration
    2017-08-31 17:59 - 2017-05-26 14:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2017-08-31 15:54 - 2017-04-03 00:27 - 000000000 ____D C:\Users\Rabigalo\Documents\Outlook
    2017-08-31 14:32 - 2016-09-11 17:31 - 000000000 ____D C:\Users\Rabigalo\Documents\Outlook Files
    2017-08-31 14:32 - 2016-09-08 16:45 - 000000000 ____D C:\Users\Rabigalo\AppData\Local\Packages
    2017-08-31 14:29 - 2017-02-13 20:41 - 000000000 ____D C:\Users\Rabigalo\AppData\Roaming\Apple Computer
    2017-08-31 13:45 - 2017-01-25 19:31 - 000000000 ____D C:\Users\Rabigalo\Documents\Insurance
    2017-08-29 18:55 - 2017-01-25 19:31 - 000000000 ____D C:\Users\Rabigalo\Documents\Resume
    2017-08-29 13:58 - 2016-09-08 17:11 - 000000000 ____D C:\Program Files (x86)\McAfee
    2017-08-29 13:44 - 2016-09-08 17:09 - 000000000 ____D C:\Program Files\Common Files\McAfee
    2017-08-29 13:37 - 2017-05-26 15:21 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{ABFA8224-01CC-494C-BCD2-52B1953A36E3}
    2017-08-29 13:33 - 2016-09-08 16:50 - 000002378 _____ C:\Users\Rabigalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2017-08-29 13:33 - 2016-09-08 16:50 - 000000000 ___RD C:\Users\Rabigalo\OneDrive
    2017-08-27 17:30 - 2017-03-18 17:01 - 000000000 ____D C:\WINDOWS\INF
    2017-08-27 17:10 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\NDF
    2017-08-24 12:57 - 2016-09-08 21:30 - 000000000 ____D C:\Program Files\Microsoft Office
    2017-08-23 23:56 - 2017-03-18 17:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2017-08-23 23:56 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2017-08-23 22:59 - 2016-09-02 13:00 - 000000000 ____D C:\Program Files (x86)\Dropbox
    2017-08-23 14:34 - 2017-03-05 19:38 - 000000000 ____D C:\Users\Rabigalo\Documents\ASIS
    2017-08-23 10:51 - 2016-09-02 13:07 - 000000000 ____D C:\ProgramData\McAfee
    2017-08-22 20:22 - 2017-05-26 15:21 - 000003446 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
    2017-08-20 22:40 - 2017-05-26 15:21 - 000003126 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
    2017-08-20 22:36 - 2017-05-26 15:21 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
    2017-08-20 22:36 - 2017-03-18 17:03 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2017-08-15 16:10 - 2017-01-25 19:31 - 000000000 ____D C:\Users\Rabigalo\Documents\Receipts
    2017-08-13 20:19 - 2017-05-26 15:16 - 001220848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2017-08-13 17:50 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\rescache
    2017-08-10 23:59 - 2017-05-26 15:21 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2017-08-10 13:34 - 2017-03-18 16:51 - 000000000 ____D C:\WINDOWS\CbsTemp
    2017-08-09 13:37 - 2016-04-25 16:36 - 000000000 __RHD C:\Users\Public\AccountPictures
    2017-08-09 01:44 - 2017-03-18 17:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2017-08-09 01:44 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2017-08-09 01:44 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\oobe
    2017-08-09 01:44 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-08-09 01:44 - 2017-03-18 17:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-08-09 01:11 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2017-08-09 01:11 - 2017-03-18 17:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2017-08-08 14:29 - 2016-09-08 17:59 - 000000000 ____D C:\WINDOWS\system32\MRT
    2017-08-08 14:27 - 2016-09-08 17:59 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2017-08-05 13:44 - 2016-10-09 21:43 - 000000000 ____D C:\Users\Rabigalo\.frostwire5
    2017-08-03 20:07 - 2017-01-25 19:31 - 000000000 ____D C:\Users\Rabigalo\Documents\Personal

    ==================== Files in the root of some directories =======

    2017-05-26 14:58 - 2017-05-26 14:58 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
    2017-01-26 18:18 - 2017-04-20 18:53 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml
    2016-09-02 13:02 - 2016-09-02 13:03 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    2016-09-02 13:06 - 2016-09-02 13:06 - 000000105 _____ () C:\ProgramData\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}.log
    2016-09-02 13:05 - 2016-09-02 13:05 - 000000100 _____ () C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log
    2016-09-02 13:06 - 2016-09-02 13:06 - 000000098 _____ () C:\ProgramData\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}.log

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2017-08-28 16:38

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
    Ran by Rabigalo (31-08-2017 19:16:12)
    Running from C:\Users\Rabigalo\Desktop
    Windows 10 Pro Version 1703 (X64) (2017-05-26 19:34:47)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3267101396-1119176653-3220088351-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3267101396-1119176653-3220088351-503 - Limited - Disabled)
    Guest (S-1-5-21-3267101396-1119176653-3220088351-501 - Limited - Disabled)
    Rabigalo (S-1-5-21-3267101396-1119176653-3220088351-1001 - Administrator - Enabled) => C:\Users\Rabigalo

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
    FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat DC (2015) (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0E0F06755100}) (Version: 15.006.30355 - Adobe Systems Incorporated)
    Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
    AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
    Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Catalyst Control Center Next Localization BR (HKLM\...\{2B4D4A54-27CD-ADED-F5E7-CCD374A68770}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHS (HKLM\...\{E194A8D0-8545-C587-67FB-8BF17CCADF03}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CHT (HKLM\...\{B64923B3-EDF7-380F-3EBC-2F6A7E3D5E87}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization CS (HKLM\...\{475A4387-3F3D-1715-ED19-824F719D90DD}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DA (HKLM\...\{D058B795-4274-F96C-389F-CA07D4BA7A03}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization DE (HKLM\...\{50B1E954-1D62-3498-E0E3-B9ED8B9B3763}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization EL (HKLM\...\{C773C108-8674-D32D-D3AD-40D6A868B287}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization ES (HKLM\...\{155190A9-10BB-7072-894C-6ABFF2358FC5}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FI (HKLM\...\{B09ADB72-2248-8E35-EDE4-EE7DDB31F6BD}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization FR (HKLM\...\{CEA9CB90-2DD4-CB83-F2C4-6BB0841BFFA6}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization HU (HKLM\...\{07F29FA8-3C1C-23FB-83BD-A2C84AE3F939}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization IT (HKLM\...\{6EE720CF-577F-5AE6-B2B1-8AED1479E29B}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization JA (HKLM\...\{73C14D01-420D-4806-1BF7-A10B2E7505F1}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization KO (HKLM\...\{C70525D3-B447-74B5-CDAB-5566D4777743}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NL (HKLM\...\{8E36DDAA-6751-AB58-0CD3-DE7004ED4CD8}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization NO (HKLM\...\{E1B43D42-4E65-AAF6-CD16-633A2AA75DF6}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization PL (HKLM\...\{3398C8E5-48DC-99D6-5B50-6AD312CF3756}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization RU (HKLM\...\{A728E928-73FA-5291-33E8-D3A1AF895D6C}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization SV (HKLM\...\{B2524444-E827-10D9-789D-91087707666A}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TH (HKLM\...\{85733995-9FAB-3516-B552-80A9D651B682}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Next Localization TR (HKLM\...\{C5B64E80-0E6F-02F7-CF5D-7A3D90572BB8}) (Version: 2017.0410.1312.21926 - Advanced Micro Devices, Inc.) Hidden
    Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
    CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.1510.60 - CyberLink Corp.)
    Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
    Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
    Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
    Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
    Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
    Dell Product Registration (HKLM-x32\...\InstallShield_{6EC2BBF2-A438-4240-A7C1-748309E77E02}) (Version: 3.0.98.0 - Dell Inc.)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6793.01 - Dell)
    Dell SupportAssist Remediation (HKLM\...\{00A1B449-74C9-4FF4-A854-BFECFDAD97A3}) (Version: 2.0.2.1841 - Dell Inc.) Hidden
    Dell SupportAssist Remediation (HKLM-x32\...\{073ace1c-7a67-4292-a718-f13deb6a1035}) (Version: 2.0.2.1841 - Dell Inc.)
    Dell SupportAssistAgent (HKLM\...\{E1AA62F7-B32A-4090-814E-83BC7C3DF1FB}) (Version: 2.0.2.21 - Dell)
    Dell System Detect (HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\...\d24084d039586cae) (Version: 8.5.0.4 - Dell)
    Dell Update - SupportAssist Update Plugin (HKLM\...\{EEA45885-F3E3-4E7D-8435-E9C21D36C141}) (Version: 3.0.0.2840 - Dell Inc.)
    Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
    Dropbox (HKLM-x32\...\Dropbox) (Version: 33.4.23 - Dropbox, Inc.)
    Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.2.6793.01 - PC-Doctor, Inc.) Hidden
    Fresco Logic USB Display Driver (HKLM\...\{469DA1EA-23CD-4C56-84FE-728C438DAE82}) (Version: 2.0.33100.0 - Fresco Logic)
    FrostWire 6.3.6 (HKLM-x32\...\FrostWire 6) (Version: 6.3.6.202 - FrostWire LLC)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
    HP Color LaserJet Pro M452 (HKLM-x32\...\{60cc8319-2c81-4d9b-84ca-88a4faa33aff}) (Version: 16.0.15111.497 - Hewlett-Packard)
    HP Color LaserJet Pro MFP M477 (HKLM-x32\...\{15758d59-89d2-4595-b92f-0145a142f8f7}) (Version: 16.0.17062.686 - Hewlett-Packard)
    HP Dropbox Plugin (HKLM-x32\...\{19EDEC5D-055E-4AD0-88AC-C342608FC47E}) (Version: 36.0.445.57508 - HP)
    HP Google Drive Plugin (HKLM-x32\...\{1B225296-B1F1-40B3-8427-844E97CB2D1B}) (Version: 36.0.445.57508 - HP)
    HPCLJProM452 (HKLM-x32\...\{E7E2297B-B657-470B-9575-1B5ED16581D5}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
    HPCLJProMFPM477 (HKLM-x32\...\{9F4A8FAA-994E-4623-AB4C-D00F51DA189D}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
    HPDXP (HKLM-x32\...\{76D91695-09BD-4006-BDBF-DD68BD27B62C}) (Version: 3.0.26.16 - HP) Hidden
    hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
    hppM452LaserJetService (HKLM-x32\...\{FD23DEFC-8027-4E25-BDAE-34023B28A384}) (Version: 001.034.00688 - Hewlett-Packard) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CF10F6BC-C710-4F6F-B7E1-4057699A59AA}) (Version: 12.3.6.10 - HP)
    iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
    Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation)
    Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
    Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
    iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
    LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8006.3 - Waves Audio Ltd.) Hidden
    McAfee All Access – Total Protection (HKLM-x32\...\MSC) (Version: 16.0.2 - McAfee, Inc.)
    Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.8326.2076 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
    Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.8326.2076 - Microsoft Corporation)
    Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.8326.2076 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
    Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
    NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
    OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
    Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
    proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
    Product Registration (HKLM\...\{6EC2BBF2-A438-4240-A7C1-748309E77E02}) (Version: 3.0.98.0 - Dell Inc.) Hidden
    PX Profile Update (HKLM-x32\...\{0D5E5C9A-84C2-D3E9-30EE-1836BA479E0E}) (Version: 1.00.1. - AMD) Hidden
    PX Profile Update (HKLM-x32\...\{8DC1990E-2E49-BEA6-D083-C26A2BB218F9}) (Version: 1.00.1. - AMD) Hidden
    Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.009 - Dell Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7737 - Realtek Semiconductor Corp.)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
    Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
    Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
    Windows Driver Package - Fresco Logic (fl2000) AVClass (12/16/2016 2.0.33100.0) (HKLM\...\96322B3F016224B322904E25468308CA20728F15) (Version: 12/16/2016 2.0.33100.0 - Fresco Logic)
    Windows Driver Package - Fresco Logic Inc. (lci_proxykmd) System (12/16/2016 2.0.33100.0) (HKLM\...\722A352AC2F5CAC706F1E3E565971D900E170305) (Version: 12/16/2016 2.0.33100.0 - Fresco Logic Inc.)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (Cyberlink)
    ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-08-03] (McAfee, Inc.)
    ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc.)
    ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-04-27] (Cyberlink)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
    ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-10] (Advanced Micro Devices, Inc.)
    ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.18.0.dll [2017-08-22] (Dropbox, Inc.)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k120836.inf_amd64_ccaf7e7e1e972b78\igfxDTCM.dll [2017-02-20] (Intel Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 2015\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
    ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2017-08-03] (McAfee, Inc.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {095A7C66-7DFC-4032-803B-9CBA02E5852A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
    Task: {0AAD160C-314D-44E2-BFED-CC39625DDB3B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
    Task: {10D88E67-5AAA-44A7-9C8E-60FBC2976329} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-12] (Microsoft Corporation)
    Task: {1B8805D0-5D61-4CDC-9DC3-F8A9665713DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)
    Task: {22CAEE97-A9F0-4B15-84AB-DD509A3DA7A8} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-03-24] (PC-Doctor, Inc.)
    Task: {2B11FEA3-36AF-479C-9D1B-B4E2170A112A} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-28] (CyberLink Corp.)
    Task: {37AFB90A-6ABF-4BE7-A3B9-B72B873F1D08} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-08] (Dropbox, Inc.)
    Task: {40A08C36-47CA-4375-8FE6-1670748876B1} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
    Task: {47522EE6-2493-4FCC-8C88-281E18A9A495} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-23] ()
    Task: {48D6B7BC-37D7-4FE9-BC02-1E3A798027F3} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2016-04-27] (CyberLink)
    Task: {4F2AC31E-3BE0-437A-B3FE-B4A50EACA68C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-03-24] (PC-Doctor, Inc.)
    Task: {5DBC3AD8-B899-4EAA-B5D6-E4BD318226F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-08-23] (Microsoft Corporation)
    Task: {5E4D7C4F-58AF-46A8-A227-1D7481EFF420} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-30] (DropboxOEM)
    Task: {6805AD40-687D-4AEA-99A5-5847B949D496} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-10] (Advanced Micro Devices, Inc.)
    Task: {709B38F6-2C2F-4616-BD71-70E2378F1E94} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
    Task: {78E67234-A7D3-4A57-8CD1-6BB0B1A31D14} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
    Task: {7DDDBD0E-FB27-43BA-97EB-27815D96F2D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-09] (Adobe Systems Incorporated)
    Task: {875BAF76-74EA-4EAF-AB09-D76F622C57B9} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
    Task: {887219CC-07D9-47A0-A678-3AFB7E9F3E45} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
    Task: {942AD0E5-08B3-4CF5-B701-25329A921796} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-12] (Microsoft Corporation)
    Task: {B62C0DFD-18A8-4C8D-9544-135143F3B57B} - System32\Tasks\McAfee\McAfee Idle Detection Task
    Task: {BA846478-2357-4682-BA89-A8BAF1310E51} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-08-03] (McAfee, Inc.)
    Task: {D49A19C5-77E8-4E1A-950F-D7C36815C2B9} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
    Task: {D705DF43-7A7C-47D7-9BE7-1160B634F1F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-08-23] (Microsoft Corporation)
    Task: {DDE5A63D-E952-4889-B961-32BFF8B8D0E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-07] (Google Inc.)
    Task: {E2CDAB75-51DA-4DF6-AD9D-553AB7D3D6BC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-08] (Dropbox, Inc.)
    Task: {F86B1E63-94EE-42E5-BD17-CC35E9062B92} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-02-05] (Realtek Semiconductor)
    Task: {FA287291-4913-4F25-9E57-195FA043EB3F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-23] ()
    Task: {FF01FD12-62D0-4FD8-94B0-36A90AE54872} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP BIGGIE

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    Shortcut: C:\Users\Rabigalo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.3.6-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat ()

    ==================== Loaded Modules (Whitelisted) ==============

    2017-01-13 14:56 - 2017-01-13 14:56 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2015-05-19 12:11 - 2015-05-19 12:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    2017-04-20 19:49 - 2017-08-09 10:37 - 000584184 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
    2017-04-20 19:49 - 2017-08-09 10:37 - 000575376 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
    2017-03-18 16:58 - 2017-03-18 16:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2016-09-08 21:42 - 2017-08-23 23:51 - 008929480 _____ () C:\Program Files\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
    2017-03-18 16:59 - 2017-03-18 22:30 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2017-07-14 10:27 - 2017-07-14 10:27 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
    2017-07-14 10:26 - 2017-07-14 10:26 - 001354040 _____ () C:\Program Files\iTunes\libxml2.dll
    2017-07-14 10:26 - 2017-07-14 10:26 - 000236856 _____ () C:\Program Files\iTunes\libxslt.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
    2016-08-29 18:54 - 2016-08-29 18:54 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
    2016-09-02 13:02 - 2014-12-08 03:28 - 000627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll
    2014-12-08 18:28 - 2014-12-08 18:28 - 000016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll
    2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2017-07-13 20:50 - 2017-07-13 20:50 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
    2017-01-13 14:56 - 2017-01-13 14:56 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-08-23 22:10 - 2017-08-22 12:55 - 000757568 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
    2017-08-23 22:10 - 2017-08-22 12:55 - 001787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
    2017-08-04 16:34 - 2017-08-22 12:53 - 000100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
    2017-08-23 22:10 - 2017-08-22 12:56 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
    2017-08-23 22:10 - 2017-08-22 12:56 - 001862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
    2017-08-23 22:10 - 2017-08-22 12:56 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
    2017-08-23 22:10 - 2017-08-22 12:53 - 000145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
    2017-08-23 22:10 - 2017-08-22 12:55 - 000116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
    2017-08-04 16:34 - 2017-08-22 12:53 - 000105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
    2017-08-23 22:10 - 2017-08-22 12:53 - 000020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
    2017-08-23 22:10 - 2017-08-22 12:55 - 000392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
    2017-08-04 16:34 - 2017-08-22 12:57 - 000392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
    2017-08-23 22:10 - 2017-08-22 12:56 - 000022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 003928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 001826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 001972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
    2017-08-23 22:10 - 2017-08-22 12:56 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
    2017-08-04 16:34 - 2017-08-22 12:53 - 000349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
    2017-08-04 16:34 - 2017-08-22 12:58 - 000023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
    2017-08-23 22:10 - 2017-08-22 12:55 - 000036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
    2017-08-23 22:10 - 2017-08-22 12:57 - 000033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
    2017-08-23 22:10 - 2017-08-22 12:55 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
    2017-08-23 22:10 - 2017-08-22 12:56 - 000181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
    2017-08-04 16:34 - 2017-08-22 12:57 - 000030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
    2017-08-23 22:10 - 2017-08-22 12:57 - 000024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
    2017-08-23 22:10 - 2017-08-22 12:57 - 001637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
    2017-08-04 16:34 - 2017-08-22 12:57 - 000026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
    2017-08-04 16:34 - 2017-08-22 12:57 - 000023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
    2016-12-21 11:24 - 2016-12-21 11:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
    2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
    2015-10-16 09:14 - 2015-10-16 09:14 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\Users\Rabigalo\Documents\2005 Annual Inventory Guidelines.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Alexandria's 1st Grade Report Card.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Blackberry Settings.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\CA-16.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Disqualification Letters.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Duty Agent roster 2009-2010.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Golf Tournament Quote.jpg:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Legal Service Agreement with Michael Beasley.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Motor Vehicle Utilization Report for August 2009.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\My Eval Bullets.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\PSN Photo 2006 Conference.JPG:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Redneck 911 Joke.wmv:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Sandisk Titanium 512 MB Quick Start Guide.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Staff Directory as of 11-16-2009.xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Sunny's Pricelist.jpg:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\The Great Black Vote.wmv:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\TSP Tracking - (Shell).xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\TSP Tracking With Share Prices - (Shell).xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Welcome_to_the_family.wmv:Roxio EMC Stream [38]

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2015-10-30 03:24 - 2016-10-10 21:16 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3267101396-1119176653-3220088351-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg
    DNS Servers: 209.18.47.62 - 209.18.47.61
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{9D87C94C-67A7-4540-AA7B-F4AE2B8E6F2A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{8C89E223-2C3C-47D9-BC65-5E0A2829FC36}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{B5EF552E-4BBE-4CE6-81DE-C60CB5FC1C55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{308A9A98-AD28-4606-B14E-9FBE28D5A0D6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{9718DA4E-EC5C-4C68-BEEE-313E3F8CB107}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{51583130-15AF-4D62-A688-05D73AE8EE3F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{DDBD06BA-8EB9-4FD5-A59D-6324238B0EEB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{AE0D8746-EC87-4E1B-8824-B6894C224D4E}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    FirewallRules: [{D2542B10-44C9-45C5-A2F6-D22482A1CC0D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
    FirewallRules: [{43CCEBFB-D1B0-483A-91B6-D2DEC1C1E9C0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
    FirewallRules: [{42EA1005-F13E-415D-B967-CB16C9298FA5}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
    FirewallRules: [{DE373133-B914-4EFF-AC31-9B383BE44A51}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe
    FirewallRules: [{94254461-7387-447A-8D5F-15EDA8D3D2EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{56E8359E-46F2-440F-B140-A960492EF178}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{C544D9E1-60E0-41C7-8AB6-30EB5053AAD7}] => (Allow) C:\Users\Rabigalo\AppData\Local\Temp\7zS7FCD\HP.EasyStart.exe
    FirewallRules: [{85473A22-CEB3-4CC8-B719-DA6E985D8C0E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{9EC83C08-4A72-4A40-928C-4F67F1B13CE9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{0D60C0E9-18A1-4F42-9991-CF220045FB0A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    FirewallRules: [{D0706E82-2AC6-4E33-9516-FD36443F24EF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Restore Points =========================

    21-08-2017 19:31:47 Scheduled Checkpoint
    29-08-2017 16:04:24 Scheduled Checkpoint
    31-08-2017 18:11:20 Restore Operation

    ==================== Faulty Device Manager Devices =============

    Name: FrescoLogic Proxy Display Adapter
    Description: FrescoLogic Proxy Display Adapter
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: Fresco Logic Inc.
    Service: lci_proxykmd
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/31/2017 07:13:24 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "c:\program files (x86)\cyberlink\powerdvd16\kernel\dms\CLMSMediaInfoPDVD16.exe".
    Dependent Assembly CLMSMediaInfo.X,type="win32",version="1.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (08/31/2017 07:12:04 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "c:\program files\amd\cim\bin64\SetACL64.exe".
    Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (08/31/2017 06:51:34 PM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
    Description: [4] ERROR- ReadEpsaVersion() Exception: Data at the root level is invalid. Line 1, position 1. #StackInfo#

    Error: (08/31/2017 06:50:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: ERROR: handle_resolve_request bad interfaceIndex 11

    Error: (08/31/2017 06:50:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BIGGIE)
    Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (08/31/2017 06:49:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BIGGIE)
    Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

    Error: (08/31/2017 06:46:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Local Hostname Biggie.local already in use; will try Biggie-2.local instead

    Error: (08/31/2017 06:46:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 Biggie.local. Addr 192.168.0.6

    Error: (08/31/2017 06:46:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Received from 192.168.0.6:5353 16 Biggie.local. AAAA 2606:A000:C6CA:0400:0000:0000:0000:0003

    Error: (08/31/2017 06:46:18 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
    Description: ATI EEU Service event error


    System errors:
    =============
    Error: (08/31/2017 07:05:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (08/31/2017 06:59:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Dell SupportAssist Agent service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (08/31/2017 06:59:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.

    Error: (08/31/2017 06:59:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Product Registration service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (08/31/2017 06:59:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Product Registration service to connect.

    Error: (08/31/2017 06:58:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Downloaded Maps Manager service hung on starting.

    Error: (08/31/2017 06:56:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Intel(R) Management and Security Application Local Management Service service hung on starting.

    Error: (08/31/2017 06:52:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Dell Digital Delivery Service service failed to start due to the following error:
    The service did not respond to the start or control request in a timely fashion.

    Error: (08/31/2017 06:52:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.

    Error: (08/31/2017 06:46:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
    Percentage of memory in use: 28%
    Total physical RAM: 16275.9 MB
    Available physical RAM: 11650.04 MB
    Total Virtual: 18707.9 MB
    Available Virtual: 14017.76 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:1847.42 GB) (Free:1553.06 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 1863 GB) (Disk ID: B1139509)

    Partition: GPT.

    ==================== End of Addition.txt ============================
    Bigalo

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,223

    Default

    I'm getting a message on my computer telling me that I'm affected by malware and to contact a number to have the technician assist me in removing the malware
    That is a scam and typically can show up on any browser you use.
    IF it should happen again, open task manager, locate the browser your using at that time, right click on that and end task.

    ~~~

    Start Farbar Recovery Scan Tool (Please double-click on FRST/FRST64) with Administrator privileges
    or Right click on the FRST icon and select Run as administrator
    Highlight the below information then hit the Ctrl + C keys at the same time
    or
    Right click/highlight on the text below and select Copy.[beginning with
    Start:: and finishing with End::


    Start::
    CloseProcesses:
    CreateRestorePoint:
    FF Homepage: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> hxxp://search.heasyspeedtest.co?uid=b59fbfa1-1e06-4137-991e-ff6542bc9874&uc=20170831&ap=appfocus1&source=display-googledisplay-bb8&page=homepage&implementation_id=speedtest_4.0.17
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
    C:\ProgramData\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}.log
    C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log
    C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    C:\ProgramData\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}.log
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    Task: {095A7C66-7DFC-4032-803B-9CBA02E5852A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
    AlternateDataStreams: C:\Users\Rabigalo\Documents\2005 Annual Inventory Guidelines.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Alexandria's 1st Grade Report Card.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Blackberry Settings.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\CA-16.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Disqualification Letters.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Duty Agent roster 2009-2010.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Golf Tournament Quote.jpg:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Legal Service Agreement with Michael Beasley.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Motor Vehicle Utilization Report for August 2009.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\My Eval Bullets.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\PSN Photo 2006 Conference.JPG:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Redneck 911 Joke.wmv:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Sandisk Titanium 512 MB Quick Start Guide.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Staff Directory as of 11-16-2009.xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Sunny's Pricelist.jpg:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\The Great Black Vote.wmv:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\TSP Tracking - (Shell).xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\TSP Tracking With Share Prices - (Shell).xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Welcome_to_the_family.wmv:Roxio EMC Stream [38]
    Emptytemp:
    End::

    ~~
    Press the Fix button.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    ~~~~~~~~~~~~~

    Malwarebytes AdwCleaner
    • Please download Malwarebytes AdwCleaner and save the file to your Desktop
    • Right-click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, A log will open. Briefly check the log for anything you know to be legitimate.
    • Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab.
    • Click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After the reboot, a log will open. Copy the contents of the log and paste in your next reply.

    -- File, folder and registry backups are made for items removed using this programme. Should a legitimate file, folder or registry item be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S0].txt.


    ~~

    Please download Junkware Removal Tool
    or from here http://downloads.malwarebytes.org/file/jrt
    to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    ~~
    please post
    Fixlog.txt
    AdwCleaner[C1].txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  3. #3
    Member
    Join Date
    Oct 2005
    Posts
    71

    Default

    In your reply, you instructed me to copy the text after opening the Farbar tool, but you didn't tell me what to do with it once I copied the material. Can you please provide me the information. Thanks!
    Bigalo

  4. #4
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,223

    Default

    the instructions were at the bottom of the fix
    Press the Fix button.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  5. #5
    Member
    Join Date
    Oct 2005
    Posts
    71

    Default

    I did see the instruction, but my question is once I copy the text, what do I do with the copied text. Do I paste it in the search field in the tool and hit "fix?"
    Bigalo

  6. #6
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,223

    Default

    Do I paste it in the search field
    No, by highlighting and selecting copy, it goes then to clip board


    Start Farbar Recovery Scan Tool
    Copy the fix
    beginning with Start:: and finishing with End::

    Then Press the Fix button.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  7. #7
    Member
    Join Date
    Oct 2005
    Posts
    71

    Default

    Thanks for the clarification. The logs are as follows:

    Fix result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
    Ran by Rabigalo (01-09-2017 19:51:02) Run:1
    Running from C:\Users\Rabigalo\Desktop
    Loaded Profiles: Rabigalo (Available Profiles: Rabigalo)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************

    CloseProcesses:
    CreateRestorePoint:
    FF Homepage: Mozilla\Firefox\Profiles\ma5f8kek.default-1473380576373 -> hxxp://search.heasyspeedtest.co?uid=b59fbfa1-1e06-4137-991e-ff6542bc9874&uc=20170831&ap=appfocus1&source=display-googledisplay-bb8&page=homepage&implementation_id=speedtest_4.0.17
    R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
    C:\ProgramData\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}.log
    C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log
    C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
    C:\ProgramData\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}.log
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    Task: {095A7C66-7DFC-4032-803B-9CBA02E5852A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
    AlternateDataStreams: C:\Users\Rabigalo\Documents\2005 Annual Inventory Guidelines.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Alexandria's 1st Grade Report Card.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Blackberry Settings.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\CA-16.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Disqualification Letters.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Duty Agent roster 2009-2010.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Golf Tournament Quote.jpg:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Legal Service Agreement with Michael Beasley.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Motor Vehicle Utilization Report for August 2009.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\My Eval Bullets.doc:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\PSN Photo 2006 Conference.JPG:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Redneck 911 Joke.wmv:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Sandisk Titanium 512 MB Quick Start Guide.pdf:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Staff Directory as of 11-16-2009.xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Sunny's Pricelist.jpg:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\The Great Black Vote.wmv:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\TSP Tracking - (Shell).xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\TSP Tracking With Share Prices - (Shell).xls:Roxio EMC Stream [38]
    AlternateDataStreams: C:\Users\Rabigalo\Documents\Welcome_to_the_family.wmv:Roxio EMC Stream [38]
    Emptytemp:

    *****************

    Processes closed successfully.
    Restore point was successfully created.
    Firefox "homepage" removed successfully
    HKLM\System\CurrentControlSet\Services\ibtsiva => key removed successfully
    ibtsiva => service removed successfully
    C:\ProgramData\{CEF5334F-B91A-4327-ACAE-AA50DCE3F995}.log => moved successfully
    C:\ProgramData\{6BADCD73-E925-46F7-A295-FF2448632728}.log => moved successfully
    C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log => moved successfully
    C:\ProgramData\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}.log => moved successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully
    HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully
    HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{095A7C66-7DFC-4032-803B-9CBA02E5852A} => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{095A7C66-7DFC-4032-803B-9CBA02E5852A} => key removed successfully
    C:\WINDOWS\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup => key removed successfully
    C:\Users\Rabigalo\Documents\2005 Annual Inventory Guidelines.pdf => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Alexandria's 1st Grade Report Card.pdf => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Blackberry Settings.doc => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\CA-16.pdf => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Disqualification Letters.pdf => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Duty Agent roster 2009-2010.doc => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Golf Tournament Quote.jpg => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Legal Service Agreement with Michael Beasley.pdf => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Motor Vehicle Utilization Report for August 2009.doc => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\My Eval Bullets.doc => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\PSN Photo 2006 Conference.JPG => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Redneck 911 Joke.wmv => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Sandisk Titanium 512 MB Quick Start Guide.pdf => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Staff Directory as of 11-16-2009.xls => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Sunny's Pricelist.jpg => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\The Great Black Vote.wmv => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\TSP Tracking - (Shell).xls => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\TSP Tracking With Share Prices - (Shell).xls => ":Roxio EMC Stream" ADS removed successfully.
    C:\Users\Rabigalo\Documents\Welcome_to_the_family.wmv => ":Roxio EMC Stream" ADS removed successfully.

    =========== EmptyTemp: ==========

    BITS transfer queue => 6578176 B
    DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 65964264 B
    Java, Flash, Steam htmlcache => 93545 B
    Windows/system/drivers => 293645260 B
    Edge => 34590197 B
    Chrome => 591072125 B
    Firefox => 387113647 B
    Opera => 0 B

    Temp, IE cache, history, cookies, recent:
    Default => 6656 B
    Users => 0 B
    ProgramData => 0 B
    Public => 0 B
    systemprofile => 383521 B
    systemprofile32 => 0 B
    LocalService => 69812 B
    NetworkService => 171610 B
    Rabigalo => 593431037 B

    RecycleBin => 4544261078 B
    EmptyTemp: => 6.1 GB temporary data Removed.

    ================================


    The system needed a reboot.

    ==== End of Fixlog 19:53:26 ====

    # AdwCleaner 7.0.2.1 - Logfile created on Sat Sep 02 00:14:37 2017
    # Updated on 2017/29/08 by Malwarebytes
    # Database: 09-01-2017.2
    # Running on Windows 10 Pro (X64)
    # Mode: scan
    # Support: https://www.malwarebytes.com/support

    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    PUP.Optional.ByteFence, C:\Program Files\ByteFence
    PUP.Optional.ByteFence, C:\Users\Rabigalo\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence


    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
    PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d10lpsik1i8c69.cloudfront.net
    PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net
    PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d10lpsik1i8c69.cloudfront.net


    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries.

    *************************



    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.4 (07.09.2017)
    Operating System: Windows 10 Pro x64
    Ran by Rabigalo (Administrator) on Fri 09/01/2017 at 20:26:28.78
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 3

    Successfully deleted: C:\WINDOWS\system32\Tasks\PCDEventLauncherTask (Task)
    Successfully deleted: C:\WINDOWS\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
    Successfully deleted: C:\WINDOWS\wininit.ini (File)



    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 09/01/2017 at 20:29:11.53
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Bigalo

  8. #8
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,223

    Default

    For older outdated MBAM version 2

    You have an older version of Malwarebytes Anti-Malware (version 2.2.1)
    Developers are not planning to release any more software updates (For this version). Users may choose not to upgrade and continue to use older versions after the End of Life date if they wish, but they do so at their own risk, since we cant guarantee that ongoing protection updates will be available.

    https://www.bleepingcomputer.com/for...alwarebytes-3/
    Please see malwarebytes.com/support/lifecycle for more details.

    You can download Malwarebytes 3.0 from either Bleeping Computer or Malwarebytes.

    But before you install, please uninstall MBAM 2.0 from Programs and Features and afterwards optionally run the new Malwarebytes Clean Uninstall Tool from either Bleeping Computer or Malwarebytes.

    Note: It is recommended that you backup or obtain the licensing information before running the tool in order to restore the paid (Premium) version.

    ~~

    It would be in your best interest to download and install Malwarebytes 3.0
    You can allow the trail Premium version or, just the Free version, your choice.

    ~~~~~~~~~~~~~~~~~~
    Please download the Malwarebytes Anti-Malware setup file to your Desktop.

    OR from this location Here

    • After the installation IS complete let it update if it asks.
    • Under SETTINGS.....APPLICATIONS leave everything at default
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
    • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
      Upon completion of the scan (or after the reboot), click the Reports tab.
      Double-click the Scan Log.
      At the bottom click Export and choose Text file.

    Save the file to your desktop and include its content in your next reply.

    You can access the logs by going in the "Reports" tab, clicking on the latest "Scan" entry (the one with detections), then clicking on the "Export" button in the bottom-left corner and select "Copy to clipboard". After that, all you have to do is paste it here
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~``

    Emsisoft Emergency Kit

    Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
    1. After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
    2. The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
    3. When update is complete, click Malware Scan. When asked if you want the scanner to scan for Potentially Unwanted Programs, click Yes. Emsisoft Emergency Kit will start scanning.
    4. When the scan is completed click Quarantine selected objects. Note, this option is only available if malicious objects were detected during the scan.
    5. When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
    6. Please save the log in Notepad on your desktop and post the contents in your next reply.
    7. When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.


    Please post these 2 logs when finished.

    How is the computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  9. #9
    Member
    Join Date
    Oct 2005
    Posts
    71

    Default

    The computer appear to be running fine. the logs are as follows:

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 9/1/17
    Scan Time: 9:46 PM
    Log File: 8b309736-8f80-11e7-b112-28f10e4af884.json
    Administrator: Yes

    -Software Information-
    Version: 3.2.2.2018
    Components Version: 1.0.188
    Update Package Version: 1.0.2707
    License: Trial

    -System Information-
    OS: Windows 10 (Build 15063.540)
    CPU: x64
    File System: NTFS
    User: BIGGIE\Rabigalo

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 373157
    Threats Detected: 0
    (No malicious items detected)
    Threats Quarantined: 0
    (No malicious items detected)
    Time Elapsed: 2 min, 56 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 0
    (No malicious items detected)

    Registry Value: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 0
    (No malicious items detected)

    File: 0
    (No malicious items detected)

    Physical Sector: 0
    (No malicious items detected)


    (end)

    Emsisoft Emergency Kit - Version 2017.8
    Last update: 9/1/2017 9:57:57 PM
    User account: BIGGIE\Rabigalo
    Computer name: BIGGIE
    OS version: Windows 10x64

    Scan settings:

    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files

    Detect PUPs: On
    Scan archives: Off
    Scan mail archives: Off
    ADS Scan: On
    File extension filter: Off
    Direct disk access: Off

    Scan start: 9/1/2017 9:58:32 PM

    Scanned 77491
    Found 0

    Scan end: 9/1/2017 10:02:23 PM
    Scan time: 0:03:51
    Bigalo

  10. #10
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,223

    Default

    Good deal

    I think we can go ahead and remove tools and quarantine folders.

    DelFix

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete
      ).

    *******************
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •