Solved Rogue killer found rans.gendarm, no kill

[Kevin Hill]

Need help removing it

RogueKiller V10.5.0.0 [Mar 2 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : kjh71leo [Administrator]
Mode : Delete -- Date : 06/28/2018 16:09:31

¤¤¤ Processes : 1 ¤¤¤
[Rans.Gendarm] svchost.exe(1848) -- C:\Windows\System32\svchost.exe[x] -> [NoKill]

¤¤¤ Registry : 3 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme -> Deleted
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme -> Deleted
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme -> Deleted

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500AAKX-083CA1 ATA Device +++++
--- User ---
[MBR] 99438a717546a65862709e2f36a524d8
[BSP] 08f35a9db37727783cff54f9e4f6a7c8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_DEL_06252018_191209.log - RKreport_DEL_06262018_103318.log - RKreport_DEL_06272018_080334.log - RKreport_SCN_06252018_191024.log
RKreport_SCN_06252018_191340.log - RKreport_SCN_06252018_191514.log - RKreport_SCN_06262018_102228.log - RKreport_SCN_06262018_102905.log
RKreport_SCN_06262018_104013.log - RKreport_SCN_06272018_075158.log - RKreport_SCN_06272018_080207.log - RKreport_SCN_06272018_081137.log
RKreport_SCN_06272018_081635.log - RKreport_SCN_06282018_090227.log - RKreport_SCN_06282018_160858.log

 

[Broni]

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

======================================

Reboot, re-run RK and post fresh log.

 

[Kevin Hill]

RogueKiller V10.5.0.0 [Mar 2 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : kjh71leo [Administrator]
Mode : Scan -- Date : 06/28/2018 19:21:43

¤¤¤ Processes : 1 ¤¤¤
[Rans.Gendarm] svchost.exe(624) -- C:\Windows\System32\svchost.exe[x] -> [NoKill]

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500AAKX-083CA1 ATA Device +++++
--- User ---
[MBR] 99438a717546a65862709e2f36a524d8
[BSP] 08f35a9db37727783cff54f9e4f6a7c8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 238373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_DEL_06252018_191209.log - RKreport_DEL_06262018_103318.log - RKreport_DEL_06272018_080334.log - RKreport_DEL_06282018_160931.log
RKreport_SCN_06252018_191024.log - RKreport_SCN_06252018_191340.log - RKreport_SCN_06252018_191514.log - RKreport_SCN_06262018_102228.log
RKreport_SCN_06262018_102905.log - RKreport_SCN_06262018_104013.log - RKreport_SCN_06272018_075158.log - RKreport_SCN_06272018_080207.log
RKreport_SCN_06272018_081137.log - RKreport_SCN_06272018_081635.log - RKreport_SCN_06282018_090227.log - RKreport_SCN_06282018_160858.log
RKreport_SCN_06282018_163927.log - RKreport_SCN_06282018_164129.log

 

[Broni]

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

 

[Kevin Hill]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20.06.2018
Ran by kjh71leo (administrator) on KJH71LEO-PC (29-06-2018 19:50:48)
Running from C:\Users\kjh71leo\Downloads
Loaded Profiles: kjh71leo (Available Profiles: kjh71leo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Program Files\SpeedFan\speedfan.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

 

[Kevin Hill]

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2561137282-779158263-157331328-1000\...\MountPoints2: {30bb44c1-7b82-11e8-b3a8-806e6f6e6963} - D:\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5EFC777B-202A-48AC-B59B-7E22E0F29C33}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2561137282-779158263-157331328-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ca/?ocid=iehp
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-30] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2561137282-779158263-157331328-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn
FF Extension: (Symantec IPS) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn [2018-06-29] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_12_1
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_12_1 [2018-06-29] [Legacy] [not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-29] (Google Inc.)

Chrome:
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default [2018-06-29]
CHR Extension: (Slides) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-29]
CHR Extension: (Docs) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-29]
CHR Extension: (Google Drive) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-29]
CHR Extension: (YouTube) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-29]
CHR Extension: (Sheets) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-29]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2018-06-29]
CHR Extension: (Google Docs Offline) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-06-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-29]
CHR Extension: (Gmail) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-29]

==================== Services (Whitelisted) ====================

 

[Kevin Hill]

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 NIS; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 PEVSystemStart; "C:\ComboFix\pev.3XE" EXEC /I PEV -rtd C:\* -output:"C:\ComboFix\temp2401" <==== ATTENTION

===================== Drivers (Whitelisted) ======================

 

[Kevin Hill]

If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20180627.006\BHDrvx86.sys [1409616 2018-06-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [392784 2018-06-29] (Symantec Corporation)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20180628.061\IDSvix86.sys [1087064 2018-06-28] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-15] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20180628.025\NAVENG.SYS [104832 2018-06-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20180628.025\NAVEX15.SYS [1648512 2018-06-29] (Symantec Corporation)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [516216 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [50168 2011-03-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1207020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1207020.003\SYMEFA.SYS [744568 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2018-06-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS [299640 2011-04-20] (Symantec Corporation)
S3 catchme; \??\C:\Users\kjh71leo\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

 

[Kevin Hill]

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-29 19:50 - 2018-06-29 19:51 - 000009538 _____ C:\Users\kjh71leo\Downloads\FRST.txt
2018-06-29 19:50 - 2018-06-29 19:50 - 001773056 _____ (Farbar) C:\Users\kjh71leo\Downloads\FRST.exe
2018-06-29 19:50 - 2018-06-29 19:50 - 000000000 ____D C:\Users\kjh71leo\Downloads\FRST-OlderVersion
2018-06-29 19:50 - 2018-06-29 19:50 - 000000000 ____D C:\FRST
2018-06-29 14:33 - 2018-06-29 14:33 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\ElevatedDiagnostics
2018-06-29 12:58 - 2018-06-29 12:58 - 000003545 _____ C:\Users\kjh71leo\Desktop\JRT.txt
2018-06-29 12:56 - 2018-06-29 12:56 - 001790024 _____ (Malwarebytes) C:\Users\kjh71leo\Downloads\JRT.exe
2018-06-29 12:03 - 2018-06-29 12:03 - 130354992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-29 12:03 - 2018-06-29 12:03 - 000000000 ____D C:\Windows\system32\MRT
2018-06-29 12:02 - 2018-06-29 12:02 - 130354992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-29 11:57 - 2018-06-29 11:57 - 000000000 _____ C:\Windows\ativpsrm.bin
2018-06-29 11:48 - 2018-06-29 11:48 - 000000000 __SHD C:\found.000
2018-06-29 09:18 - 2017-04-27 18:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2018-06-29 06:52 - 2018-06-29 02:58 - 000000000 ____D C:\Windows\Panther
2018-06-29 06:29 - 2018-06-29 06:29 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (5).exe
2018-06-29 06:27 - 2018-06-29 06:27 - 000000000 ____D C:\_OTL
2018-06-29 06:21 - 2018-06-29 06:21 - 000064080 _____ C:\Users\kjh71leo\Downloads\OTL.Txt
2018-06-29 06:21 - 2018-06-29 06:21 - 000028818 _____ C:\Users\kjh71leo\Downloads\Extras.Txt
2018-06-29 06:12 - 2018-06-29 06:13 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (4).exe
2018-06-29 06:09 - 2018-06-29 06:09 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (3).exe
2018-06-29 06:07 - 2018-06-29 06:07 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (2).exe
2018-06-29 06:02 - 2018-06-29 06:02 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (1).exe
2018-06-29 05:56 - 2018-06-29 12:53 - 000000000 ____D C:\ProgramData\RogueKiller
2018-06-29 05:56 - 2018-06-29 12:25 - 000024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-29 05:56 - 2018-06-29 05:56 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-06-29 05:56 - 2018-06-29 05:56 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-06-29 05:55 - 2018-06-29 05:56 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32.exe
2018-06-29 05:54 - 2018-06-29 05:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2018-06-29 05:47 - 2018-06-29 09:07 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\CrashDumps
2018-06-29 05:39 - 2011-04-09 01:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-06-29 05:35 - 2018-06-29 05:35 - 005198336 _____ (AVAST Software) C:\Users\kjh71leo\Downloads\aswMBR.exe
2018-06-29 05:32 - 2018-06-29 05:32 - 000602112 _____ (OldTimer Tools) C:\Users\kjh71leo\Downloads\OTL.exe
2018-06-29 05:29 - 2018-06-29 05:29 - 000001152 _____ C:\Users\Public\Desktop\Install Microsoft LifeCam.lnk
2018-06-29 05:24 - 2018-06-29 05:28 - 000000000 ___SD C:\ComboFix
2018-06-29 05:23 - 2018-06-29 05:23 - 000000000 ____D C:\def394338b7512135aaf961049ed6e
2018-06-29 05:21 - 2018-06-29 05:21 - 000000000 ____D C:\76f935be44b1d9836d8c03575b3feb
2018-06-29 05:15 - 2018-06-29 05:15 - 000000000 __RSH C:\MSDOS.SYS
2018-06-29 05:15 - 2018-06-29 05:15 - 000000000 __RSH C:\IO.SYS
2018-06-29 05:14 - 2018-06-29 05:14 - 000000000 ____D C:\255d07ea59cf289c3fd42b19c776
2018-06-29 05:11 - 2018-06-29 05:11 - 000000000 ____D C:\2031e9a89637de7fc9
2018-06-29 05:06 - 2018-06-29 05:06 - 000000000 ____D C:\a1656f6806fb704fba4c
2018-06-29 05:02 - 2018-06-29 05:03 - 000000000 ____D C:\8f18266f4d0489d168931934e49b3140
2018-06-29 05:00 - 2018-06-29 05:00 - 000000000 ____D C:\Qoobox
2018-06-29 05:00 - 2011-06-26 02:45 - 000256000 _____ C:\Windows\PEV.exe
2018-06-29 05:00 - 2010-11-07 13:20 - 000208896 _____ C:\Windows\MBR.exe
2018-06-29 05:00 - 2009-04-20 00:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000098816 _____ C:\Windows\sed.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000080412 _____ C:\Windows\grep.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000068096 _____ C:\Windows\zip.exe
2018-06-29 04:59 - 2018-06-29 04:59 - 000000000 ____D C:\Windows\erdnt
2018-06-29 04:58 - 2018-06-29 04:59 - 000000000 ____D C:\35ea76281e3a553f625fd02d4d03
2018-06-29 04:58 - 2018-06-29 04:58 - 005660124 ____R (Swearware) C:\Users\kjh71leo\Downloads\ComboFix.exe
2018-06-29 04:53 - 2012-07-25 23:39 - 000526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2018-06-29 04:53 - 2012-07-25 23:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2018-06-29 04:53 - 2012-07-25 22:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2018-06-29 04:53 - 2012-06-02 10:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2018-06-29 04:52 - 2012-07-25 23:21 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2018-06-29 04:52 - 2012-07-25 23:20 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2018-06-29 04:52 - 2012-07-25 23:20 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2018-06-29 04:52 - 2012-07-25 23:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2018-06-29 04:52 - 2012-07-25 23:20 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2018-06-29 04:52 - 2012-07-25 22:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2018-06-29 04:52 - 2012-07-25 22:32 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2018-06-29 04:52 - 2012-06-02 10:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2018-06-29 04:50 - 2017-11-17 00:15 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-06-29 04:50 - 2017-11-07 12:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-29 04:50 - 2017-11-04 11:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-06-29 04:50 - 2017-11-04 11:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-06-29 04:50 - 2017-11-02 11:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-06-29 04:50 - 2017-11-02 11:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2018-06-29 04:50 - 2017-11-02 11:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2018-06-29 04:50 - 2017-11-02 10:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2018-06-29 04:50 - 2017-10-17 21:55 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-06-29 04:50 - 2017-10-17 21:55 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-06-29 04:50 - 2017-10-16 18:49 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-29 04:50 - 2017-10-16 18:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2018-06-29 04:50 - 2017-10-16 17:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2018-06-29 04:50 - 2017-10-11 20:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-06-29 04:50 - 2017-10-11 20:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-06-29 04:50 - 2017-10-11 20:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-06-29 04:50 - 2017-10-11 20:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-06-29 04:50 - 2017-10-11 20:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost

 

[Kevin Hill]

2018-06-29 04:50 - 2017-10-11 20:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-06-29 04:50 - 2017-10-11 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-06-29 04:50 - 2017-10-11 20:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-06-29 04:50 - 2017-10-11 20:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-06-29 04:50 - 2017-10-11 20:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-06-29 04:50 - 2017-10-11 20:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-06-29 04:50 - 2017-10-11 20:14 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2018-06-29 04:50 - 2017-09-13 11:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-06-29 04:50 - 2017-09-13 11:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-29 04:50 - 2017-09-13 11:13 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-29 04:50 - 2017-09-13 11:13 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-29 04:50 - 2017-09-13 11:10 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-29 04:50 - 2017-09-13 10:53 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2018-06-29 04:50 - 2017-09-13 10:50 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-29 04:50 - 2017-09-13 10:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-29 04:50 - 2017-09-13 10:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-29 04:50 - 2017-09-13 10:50 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-29 04:50 - 2017-09-13 10:50 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-29 04:50 - 2017-09-13 10:48 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-29 04:50 - 2017-09-13 10:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-29 04:50 - 2017-09-13 10:46 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-29 04:50 - 2017-09-13 10:46 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-29 04:50 - 2017-09-13 10:46 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-29 04:50 - 2017-09-13 10:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-29 04:50 - 2017-09-13 10:46 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-29 04:50 - 2017-09-13 10:46 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-29 04:50 - 2017-09-08 11:09 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-06-29 04:50 - 2017-09-08 10:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2018-06-29 04:50 - 2017-09-08 10:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2018-06-29 04:50 - 2017-09-07 11:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-06-29 04:50 - 2017-09-07 10:48 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-29 04:50 - 2017-09-07 10:48 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-06-29 04:50 - 2017-09-07 10:48 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-29 04:50 - 2017-09-07 09:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-29 04:50 - 2017-08-19 10:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-29 04:50 - 2017-08-19 10:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-29 04:50 - 2017-08-16 11:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2018-06-29 04:50 - 2017-08-15 11:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-06-29 04:50 - 2017-08-15 11:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2018-06-29 04:50 - 2017-08-13 17:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2018-06-29 04:50 - 2017-08-13 17:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe

 

[Kevin Hill]

2018-06-29 04:50 - 2017-08-11 02:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2018-06-29 04:50 - 2017-08-11 02:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2018-06-29 04:50 - 2017-08-11 02:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2018-06-29 04:50 - 2017-08-11 02:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2018-06-29 04:50 - 2017-08-11 02:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2018-06-29 04:50 - 2017-08-11 02:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-06-29 04:50 - 2017-08-11 01:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-29 04:50 - 2017-08-11 01:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-29 04:50 - 2017-08-11 01:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-06-29 04:50 - 2017-08-11 01:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 01:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 01:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 01:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-29 04:50 - 2017-07-29 10:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-06-29 04:50 - 2017-07-21 10:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2018-06-29 04:50 - 2017-07-21 10:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2018-06-29 04:50 - 2017-07-21 10:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2018-06-29 04:50 - 2017-07-21 10:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2018-06-29 04:50 - 2017-07-14 11:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-06-29 04:50 - 2017-07-14 10:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2018-06-29 04:50 - 2017-07-14 10:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2018-06-29 04:50 - 2017-07-08 11:19 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-06-29 04:50 - 2017-07-07 11:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2018-06-29 04:50 - 2017-07-07 11:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2018-06-29 04:50 - 2017-06-15 16:18 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-06-29 04:50 - 2017-06-12 18:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2018-06-29 04:50 - 2017-06-12 18:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2018-06-29 04:50 - 2017-06-12 18:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2018-06-29 04:50 - 2017-06-12 18:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2018-06-29 04:50 - 2017-06-12 18:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2018-06-29 04:50 - 2017-06-12 18:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2018-06-29 04:50 - 2017-06-12 18:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2018-06-29 04:50 - 2017-06-02 03:57 - 000497152 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-06-29 04:50 - 2017-05-30 00:39 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-06-29 04:50 - 2017-05-30 00:39 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-06-29 04:50 - 2017-05-30 00:39 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-06-29 04:50 - 2017-05-16 11:16 - 000730856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-06-29 04:50 - 2017-05-16 11:16 - 000218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-06-29 04:50 - 2017-05-16 11:12 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-06-29 04:50 - 2017-05-12 14:03 - 001082368 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-06-29 04:50 - 2017-05-12 14:03 - 000813056 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-06-29 04:50 - 2017-05-10 11:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2018-06-29 04:50 - 2017-05-10 11:12 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-06-29 04:50 - 2017-05-10 11:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-06-29 04:50 - 2017-05-10 11:10 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-06-29 04:50 - 2017-05-10 11:01 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-06-29 04:50 - 2017-05-10 11:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-06-29 04:50 - 2017-05-10 11:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-06-29 04:50 - 2017-05-07 11:14 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-06-29 04:50 - 2017-05-07 10:53 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2018-06-29 04:50 - 2017-04-21 11:15 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-06-29 04:50 - 2017-04-17 11:12 - 000581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-06-29 04:50 - 2017-04-12 11:26 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-06-29 04:50 - 2017-04-12 11:25 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-06-29 04:50 - 2017-04-12 11:25 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-06-29 04:50 - 2017-04-12 11:25 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-06-29 04:50 - 2017-04-04 10:52 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-06-29 04:50 - 2017-03-30 10:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2018-06-29 04:50 - 2017-03-10 12:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2018-06-29 04:50 - 2017-03-10 12:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2018-06-29 04:50 - 2017-03-10 11:52 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2018-06-29 04:50 - 2017-03-10 11:51 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2018-06-29 04:50 - 2017-03-10 11:51 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2018-06-29 04:50 - 2017-03-07 12:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2018-06-29 04:50 - 2017-03-03 21:14 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-06-29 04:50 - 2017-03-03 21:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2018-06-29 04:50 - 2017-02-09 11:51 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-06-29 04:50 - 2017-01-13 13:45 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-29 04:50 - 2017-01-13 13:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-29 04:50 - 2017-01-11 13:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-06-29 04:50 - 2017-01-11 13:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-06-29 04:50 - 2016-11-20 12:19 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-29 04:50 - 2016-11-20 10:07 - 000373896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-29 04:50 - 2016-11-10 12:19 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2018-06-29 04:50 - 2016-11-09 12:24 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-06-29 04:50 - 2016-11-09 12:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

 

[Kevin Hill]

2018-06-29 04:50 - 2016-11-09 12:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-06-29 04:50 - 2016-11-09 11:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-06-29 04:50 - 2016-10-11 11:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2018-06-29 04:50 - 2016-10-11 11:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2018-06-29 04:50 - 2016-10-11 11:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2018-06-29 04:50 - 2016-10-11 11:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2018-06-29 04:50 - 2016-10-11 10:53 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2018-06-29 04:50 - 2016-10-11 10:51 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2018-06-29 04:50 - 2016-10-11 09:18 - 000419648 _____ C:\Windows\system32\locale.nls
2018-06-29 04:50 - 2016-10-08 09:05 - 000534600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-29 04:50 - 2016-10-07 11:12 - 002291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-06-29 04:50 - 2016-10-07 11:12 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2018-06-29 04:50 - 2016-10-05 10:50 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-06-29 04:50 - 2016-09-15 10:51 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-06-29 04:50 - 2016-09-12 16:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2018-06-29 04:50 - 2016-09-08 16:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-06-29 04:50 - 2016-09-08 16:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-06-29 04:50 - 2016-09-08 10:49 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2018-06-29 04:50 - 2016-09-08 10:49 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-06-29 04:50 - 2016-08-21 09:05 - 000935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-06-29 04:50 - 2016-08-12 12:21 - 000437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2018-06-29 04:50 - 2016-08-06 10:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2018-06-29 04:50 - 2016-08-06 10:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2018-06-29 04:50 - 2016-08-06 10:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-06-29 04:50 - 2016-06-14 11:17 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-06-29 04:50 - 2016-06-14 11:05 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-06-29 04:50 - 2016-06-14 10:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2018-06-29 04:50 - 2016-06-14 10:55 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-06-29 04:50 - 2016-06-14 10:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-06-29 04:50 - 2016-05-12 09:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-06-29 04:50 - 2016-03-23 18:42 - 000409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-29 04:50 - 2016-03-23 18:39 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-06-29 04:43 - 2016-08-29 10:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-06-29 04:41 - 2016-07-07 10:57 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2018-06-29 03:50 - 2010-12-23 01:54 - 000850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2018-06-29 03:50 - 2010-12-23 01:54 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-06-29 03:50 - 2010-12-23 01:54 - 000534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2018-06-29 03:50 - 2010-12-23 01:50 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2018-06-29 03:49 - 2015-12-10 14:30 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 011033088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 006035968 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 002088960 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000627712 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000186368 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-29 03:49 - 2015-12-10 14:29 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-06-29 03:49 - 2015-12-10 14:29 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2018-06-29 03:49 - 2015-12-10 14:29 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-06-29 03:49 - 2015-12-10 14:28 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-29 03:49 - 2015-12-10 14:00 - 000386560 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-29 03:49 - 2015-12-10 13:45 - 001638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-29 03:30 - 2018-06-29 18:45 - 000000000 ____D C:\Program Files\SpeedFan
2018-06-29 03:30 - 2018-06-29 03:30 - 000000965 _____ C:\Users\kjh71leo\Desktop\SpeedFan.lnk
2018-06-29 03:30 - 2018-06-29 03:30 - 000000045 _____ C:\Windows\system32\initdebug.nfo
2018-06-29 03:30 - 2018-06-29 03:30 - 000000000 ____D C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-06-29 03:29 - 2018-06-29 03:29 - 003086696 _____ C:\Users\kjh71leo\Downloads\instspeedfan452.exe
2018-06-29 03:05 - 2018-06-29 03:05 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-29 03:05 - 2018-06-29 03:05 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-29 03:04 - 2018-06-29 05:46 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\Google
2018-06-29 03:04 - 2018-06-29 03:05 - 000000000 ____D C:\Program Files\Google
2018-06-29 03:04 - 2018-06-29 03:04 - 000057560 _____ C:\Users\kjh71leo\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-29 03:04 - 2018-06-29 03:04 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\Deployment
2018-06-29 03:04 - 2018-06-29 03:04 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\Apps\2.0
2018-06-29 03:03 - 2018-06-29 03:03 - 000000000 ____D C:\ProgramData\Symantec
2018-06-29 03:02 - 2018-06-29 08:51 - 000002414 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2018-06-29 03:02 - 2018-06-29 08:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2018-06-29 03:02 - 2018-06-29 08:51 - 000000000 ____D C:\Windows\system32\Drivers\NIS
2018-06-29 03:02 - 2018-06-29 03:06 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2018-06-29 03:02 - 2018-06-29 03:03 - 000000000 ____D C:\ProgramData\Norton
2018-06-29 03:02 - 2018-06-29 03:03 - 000000000 ____D C:\Program Files\Symantec
2018-06-29 03:02 - 2018-06-29 03:02 - 000126584 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2018-06-29 03:02 - 2018-06-29 03:02 - 000007468 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2018-06-29 03:02 - 2018-06-29 03:02 - 000000000 ____D C:\Program Files\Norton Internet Security
2018-06-29 03:01 - 2018-06-29 03:01 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-06-29 03:01 - 2018-06-29 03:01 - 000000000 ____D C:\Program Files\Realtek
2018-06-29 03:01 - 2011-06-10 02:34 - 000394856 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2018-06-29 03:01 - 2011-06-10 02:34 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2018-06-29 03:01 - 2011-06-10 02:34 - 000080416 _____ C:\Windows\system32\RtNicProp32.dll
2018-06-29 03:00 - 2018-06-29 03:01 - 000001769 _____ C:\Windows\Language_trs.ini
2018-06-29 03:00 - 2018-06-29 03:00 - 000032682 _____ C:\Windows\Ascd_tmp.ini
2018-06-29 03:00 - 2018-06-29 03:00 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-06-29 03:00 - 2018-06-29 03:00 - 000000000 ____D C:\Program Files\NortonInstaller
2018-06-29 02:59 - 2018-06-29 02:59 - 000001413 _____ C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-06-29 02:58 - 2018-06-29 02:59 - 000000000 ____D C:\Users\kjh71leo
2018-06-29 02:58 - 2018-06-29 02:58 - 000000020 ___SH C:\Users\kjh71leo\ntuser.ini
2018-06-29 02:58 - 2018-06-29 02:58 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\VirtualStore
2018-06-29 02:58 - 2011-04-11 22:24 - 000000000 ____D C:\Users\kjh71leo\AppData\Roaming\Media Center Programs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-29 19:25 - 2009-07-14 00:34 - 000016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-29 19:25 - 2009-07-14 00:34 - 000016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-29 18:33 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\rescache
2018-06-29 17:31 - 2010-11-20 17:01 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-29 17:31 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2018-06-29 17:25 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-29 11:57 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-06-29 11:50 - 2009-07-14 00:33 - 000266320 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-29 11:45 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\DVD Maker
2018-06-29 11:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Setup
2018-06-29 11:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\migwiz
2018-06-29 11:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Dism
2018-06-29 06:52 - 2009-07-14 00:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-06-29 05:56 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\sysprep
2018-06-29 05:53 - 2011-04-11 22:24 - 000000000 ____D C:\Windows\CSC
2018-06-29 03:04 - 2009-07-13 22:37 - 000000000 __RHD C:\Users\Public\Libraries
2018-06-29 03:03 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF
2018-06-29 03:01 - 2009-07-13 22:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

Some files in TEMP:
====================
2018-06-29 08:34 - 2017-09-13 11:10 - 001310528 _____ (Microsoft Corporation) C:\Users\kjh71leo\AppData\Local\Temp\dllnt_dump.dll
2018-06-29 08:28 - 2018-06-29 18:45 - 000192512 _____ () C:\Users\kjh71leo\AppData\Local\Temp\sfamcc00001.dll
2018-06-29 18:45 - 2018-06-29 18:45 - 000158720 _____ () C:\Users\kjh71leo\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-29 09:54

==================== End of FRST.txt ============================

 

[Kevin Hill]

Users shortcut scan result (x86) Version: 20.06.2018
Ran by kjh71leo (29-06-2018 19:51:39)
Running from C:\Users\kjh71leo\Downloads
Boot Mode: Normal

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Internet Security.lnk -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\uistub.exe (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Norton Recovery Tools.LNK -> C:\Program Files\Norton Internet Security\MUI\18.7.2.3\images\cssbase.dll (Symantec Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk -> C:\Windows\System32\gameux.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\Links\Desktop.lnk -> C:\Users\kjh71leo\Desktop ()
Shortcut: C:\Users\kjh71leo\Links\Downloads.lnk -> C:\Users\kjh71leo\Downloads ()
Shortcut: C:\Users\kjh71leo\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\kjh71leo\Desktop\SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe ()
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Help and HOW-TO.lnk -> C:\Program Files\SpeedFan\speedfan.chm ()
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Release info.lnk -> C:\Program Files\SpeedFan\speedfan.txt ()
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\SpeedFan.lnk -> C:\Program Files\SpeedFan\speedfan.exe ()
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan\Uninstall SpeedFan.lnk -> C:\Program Files\SpeedFan\uninstall.exe ()
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Install Microsoft LifeCam.lnk -> C:\Windows\System32\LCCoin36.dll (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Norton Internet Security.lnk -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\uistub.exe (Symantec Corporation)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\LiveUpdate.lnk -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\uistub.exe (Symantec Corporation) -> /lu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Support.lnk -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\uistub.exe (Symantec Corporation) -> /ocs
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security\Uninstall Norton Internet Security.lnk -> C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.7.2.3\inststub.exe (Symantec Corporation) -> /X /shortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\kjh71leo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\Users\kjh71leo\Favorites\Windows Live\Get Windows Live.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\kjh71leo\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\kjh71leo\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\kjh71leo\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\kjh71leo\Favorites\MSN Websites\MSN Autos.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\kjh71leo\Favorites\MSN Websites\MSN Entertainment.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\kjh71leo\Favorites\MSN Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\kjh71leo\Favorites\MSN Websites\MSN Sports.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\kjh71leo\Favorites\MSN Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\kjh71leo\Favorites\MSN Websites\MSNBC News.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\kjh71leo\Favorites\Microsoft Websites\IE Add-on site.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\kjh71leo\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\kjh71leo\Favorites\Microsoft Websites\Microsoft At Home.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\kjh71leo\Favorites\Microsoft Websites\Microsoft At Work.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\kjh71leo\Favorites\Microsoft Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\kjh71leo\Favorites\Links for United States\GobiernoUSA.gov.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\kjh71leo\Favorites\Links for United States\USA.gov.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\kjh71leo\Favorites\Links\Suggested Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\kjh71leo\Favorites\Links\Web Slice Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== End of Shortcut.txt =============================

 

[Broni]

FRST creates two logs: FRST.txt and Addition.txt.
The second log is missing.

 

[Kevin Hill]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20.06.2018
Ran by kjh71leo (administrator) on KJH71LEO-PC (30-06-2018 05:57:20)
Running from C:\Users\kjh71leo\Downloads
Loaded Profiles: kjh71leo (Available Profiles: kjh71leo)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==========================

 

[Kevin Hill]

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-2561137282-779158263-157331328-1000\...\MountPoints2: {30bb44c1-7b82-11e8-b3a8-806e6f6e6963} - D:\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5EFC777B-202A-48AC-B59B-7E22E0F29C33}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2561137282-779158263-157331328-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ca/?ocid=iehp
BHO: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
BHO: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-30] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2561137282-779158263-157331328-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07] (Symantec Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn
FF Extension: (Symantec IPS) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\IPSFFPlgn [2018-06-29] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_13_2
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\coFFPlgn_2011_7_13_2 [2018-06-30] [Legacy] [not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-29] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-29] (Google Inc.)

Chrome:
=======
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default [2018-06-30]
CHR Extension: (Slides) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-29]
CHR Extension: (Docs) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-29]
CHR Extension: (Google Drive) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-29]
CHR Extension: (YouTube) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-29]
CHR Extension: (Sheets) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-29]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2018-06-29]
CHR Extension: (Google Docs Offline) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-06-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-29]
CHR Extension: (Gmail) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\kjh71leo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-29]

==================== Services (Whitelisted) ====================

 

[Kevin Hill]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 NIS; C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 PEVSystemStart; "C:\ComboFix\pev.3XE" EXEC /I PEV -rtd C:\* -output:"C:\ComboFix\temp2401" <==== ATTENTION

===================== Drivers (Whitelisted) ======================

 

[Kevin Hill]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\BASHDefs\20180627.006\BHDrvx86.sys [1409616 2018-06-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [392784 2018-06-29] (Symantec Corporation)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\IPSDefs\20180628.061\IDSvix86.sys [1087064 2018-06-28] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-15] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20180628.025\NAVENG.SYS [104832 2018-06-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.6.0.29\Definitions\VirusDefs\20180628.025\NAVEX15.SYS [1648512 2018-06-29] (Symantec Corporation)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1207020.003\SRTSP.SYS [516216 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.SYS [50168 2011-03-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1207020.003\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1207020.003\SYMEFA.SYS [744568 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [126584 2018-06-29] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1207020.003\SYMNETS.SYS [299640 2011-04-20] (Symantec Corporation)
S3 catchme; \??\C:\Users\kjh71leo\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
U3 aswMBR; \??\C:\Users\kjh71leo\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\kjh71leo\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

 

[Kevin Hill]

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-30 04:41 - 2018-06-30 04:41 - 000000000 ____D C:\Program Files\Common Files\AV
2018-06-30 04:40 - 2018-06-30 04:40 - 000000000 ____D C:\Users\kjh71leo\AppData\Roaming\Adobe
2018-06-30 04:35 - 2018-06-30 04:35 - 000000000 ___SD C:\Windows\system32\CompatTel
2018-06-30 04:35 - 2018-06-30 04:35 - 000000000 ____D C:\Windows\system32\appraiser
2018-06-30 03:23 - 2014-06-30 18:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2018-06-30 03:23 - 2014-06-06 02:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-06-30 03:23 - 2014-03-09 17:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2018-06-30 03:23 - 2014-03-09 17:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2018-06-30 03:23 - 2012-03-01 01:46 - 000019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2018-06-30 03:23 - 2012-03-01 01:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 019607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 012829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 004305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-30 03:06 - 2018-06-30 03:06 - 002278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 002052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-30 03:06 - 2018-06-30 03:06 - 001950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2018-06-30 03:06 - 2018-06-30 03:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-30 03:06 - 2018-06-30 03:06 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-30 03:06 - 2018-06-30 03:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-06-30 03:06 - 2018-06-30 03:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-06-30 03:06 - 2018-06-30 03:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 003419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 002284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 001247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 001230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 001158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 001080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2018-06-30 03:05 - 2018-06-30 03:05 - 000002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2018-06-30 03:04 - 2018-06-30 03:04 - 001505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-06-30 03:03 - 2015-07-30 09:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-06-29 21:18 - 2018-03-14 13:18 - 000116928 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-06-29 21:18 - 2018-03-14 13:14 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-06-29 21:18 - 2018-03-14 09:04 - 001319424 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 000507392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 000238592 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-06-29 21:18 - 2018-03-14 09:04 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-06-29 21:18 - 2014-12-11 13:47 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2018-06-29 21:18 - 2014-10-24 21:32 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2018-06-29 21:18 - 2014-07-08 21:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2018-06-29 21:18 - 2014-07-08 21:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2018-06-29 21:18 - 2014-07-08 21:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2018-06-29 21:18 - 2014-07-08 21:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2018-06-29 21:18 - 2014-07-08 21:29 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2018-06-29 19:51 - 2018-06-29 19:51 - 000021797 _____ C:\Users\kjh71leo\Downloads\Shortcut.txt
2018-06-29 19:51 - 2018-06-29 19:51 - 000014630 _____ C:\Users\kjh71leo\Downloads\Addition.txt
2018-06-29 19:50 - 2018-06-30 05:57 - 000010687 _____ C:\Users\kjh71leo\Downloads\FRST.txt
2018-06-29 19:50 - 2018-06-30 05:57 - 000000000 ____D C:\FRST
2018-06-29 19:50 - 2018-06-29 19:50 - 001773056 _____ (Farbar) C:\Users\kjh71leo\Downloads\FRST.exe
2018-06-29 19:50 - 2018-06-29 19:50 - 000000000 ____D C:\Users\kjh71leo\Downloads\FRST-OlderVersion
2018-06-29 14:33 - 2018-06-29 14:33 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\ElevatedDiagnostics
2018-06-29 12:58 - 2018-06-29 12:58 - 000003545 _____ C:\Users\kjh71leo\Desktop\JRT.txt
2018-06-29 12:56 - 2018-06-29 12:56 - 001790024 _____ (Malwarebytes) C:\Users\kjh71leo\Downloads\JRT.exe
2018-06-29 12:03 - 2018-06-29 12:03 - 130354992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-29 12:03 - 2018-06-29 12:03 - 000000000 ____D C:\Windows\system32\MRT
2018-06-29 12:02 - 2018-06-29 12:02 - 130354992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-29 11:57 - 2018-06-29 11:57 - 000000000 _____ C:\Windows\ativpsrm.bin
2018-06-29 11:48 - 2018-06-29 11:48 - 000000000 __SHD C:\found.000
2018-06-29 09:18 - 2017-04-27 18:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2018-06-29 06:52 - 2018-06-29 02:58 - 000000000 ____D C:\Windows\Panther
2018-06-29 06:29 - 2018-06-29 06:29 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (5).exe
2018-06-29 06:27 - 2018-06-29 06:27 - 000000000 ____D C:\_OTL
2018-06-29 06:21 - 2018-06-29 06:21 - 000064080 _____ C:\Users\kjh71leo\Downloads\OTL.Txt
2018-06-29 06:21 - 2018-06-29 06:21 - 000028818 _____ C:\Users\kjh71leo\Downloads\Extras.Txt
2018-06-29 06:12 - 2018-06-29 06:13 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (4).exe
2018-06-29 06:09 - 2018-06-29 06:09 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (3).exe
2018-06-29 06:07 - 2018-06-29 06:07 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (2).exe
2018-06-29 06:02 - 2018-06-29 06:02 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32 (1).exe
2018-06-29 05:56 - 2018-06-29 12:53 - 000000000 ____D C:\ProgramData\RogueKiller
2018-06-29 05:56 - 2018-06-29 12:25 - 000024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-29 05:56 - 2018-06-29 05:56 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2018-06-29 05:56 - 2018-06-29 05:56 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2018-06-29 05:55 - 2018-06-29 05:56 - 022696520 _____ (Adlice Software) C:\Users\kjh71leo\Downloads\RogueKiller_portable32.exe
2018-06-29 05:54 - 2018-06-29 05:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2018-06-29 05:47 - 2018-06-29 09:07 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\CrashDumps
2018-06-29 05:39 - 2011-04-09 01:56 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2018-06-29 05:35 - 2018-06-29 05:35 - 005198336 _____ (AVAST Software) C:\Users\kjh71leo\Downloads\aswMBR.exe
2018-06-29 05:32 - 2018-06-29 05:32 - 000602112 _____ (OldTimer Tools) C:\Users\kjh71leo\Downloads\OTL.exe
2018-06-29 05:29 - 2018-06-29 05:29 - 000001152 _____ C:\Users\Public\Desktop\Install Microsoft LifeCam.lnk
2018-06-29 05:24 - 2018-06-29 05:28 - 000000000 ___SD C:\ComboFix
2018-06-29 05:23 - 2018-06-29 05:23 - 000000000 ____D C:\def394338b7512135aaf961049ed6e
2018-06-29 05:21 - 2018-06-29 05:21 - 000000000 ____D C:\76f935be44b1d9836d8c03575b3feb
2018-06-29 05:15 - 2018-06-29 05:15 - 000000000 __RSH C:\MSDOS.SYS
2018-06-29 05:15 - 2018-06-29 05:15 - 000000000 __RSH C:\IO.SYS
2018-06-29 05:14 - 2018-06-29 05:14 - 000000000 ____D C:\255d07ea59cf289c3fd42b19c776
2018-06-29 05:11 - 2018-06-29 05:11 - 000000000 ____D C:\2031e9a89637de7fc9
2018-06-29 05:06 - 2018-06-29 05:06 - 000000000 ____D C:\a1656f6806fb704fba4c
2018-06-29 05:02 - 2018-06-29 05:03 - 000000000 ____D C:\8f18266f4d0489d168931934e49b3140
2018-06-29 05:00 - 2018-06-29 05:00 - 000000000 ____D C:\Qoobox
2018-06-29 05:00 - 2011-06-26 02:45 - 000256000 _____ C:\Windows\PEV.exe
2018-06-29 05:00 - 2010-11-07 13:20 - 000208896 _____ C:\Windows\MBR.exe
2018-06-29 05:00 - 2009-04-20 00:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000098816 _____ C:\Windows\sed.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000080412 _____ C:\Windows\grep.exe
2018-06-29 05:00 - 2000-08-30 20:00 - 000068096 _____ C:\Windows\zip.exe
2018-06-29 04:59 - 2018-06-29 04:59 - 000000000 ____D C:\Windows\erdnt
2018-06-29 04:58 - 2018-06-29 04:59 - 000000000 ____D C:\35ea76281e3a553f625fd02d4d03
2018-06-29 04:58 - 2018-06-29 04:58 - 005660124 ____R (Swearware) C:\Users\kjh71leo\Downloads\ComboFix.exe
2018-06-29 04:53 - 2012-07-25 23:39 - 000047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2018-06-29 04:53 - 2012-07-25 22:46 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2018-06-29 04:53 - 2012-06-02 10:34 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2018-06-29 04:52 - 2015-08-05 13:41 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-06-29 04:52 - 2012-07-25 23:21 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2018-06-29 04:52 - 2012-07-25 23:20 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2018-06-29 04:52 - 2012-07-25 23:20 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2018-06-29 04:52 - 2012-07-25 23:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2018-06-29 04:52 - 2012-07-25 23:20 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2018-06-29 04:52 - 2012-07-25 22:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2018-06-29 04:52 - 2012-07-25 22:32 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2018-06-29 04:52 - 2012-06-02 10:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2018-06-29 04:51 - 2014-11-10 22:44 - 000186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2018-06-29 04:50 - 2017-11-17 00:15 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-06-29 04:50 - 2017-11-07 12:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-29 04:50 - 2017-11-04 11:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-06-29 04:50 - 2017-11-04 11:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-06-29 04:50 - 2017-11-02 11:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2018-06-29 04:50 - 2017-11-02 11:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2018-06-29 04:50 - 2017-11-02 11:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2018-06-29 04:50 - 2017-11-02 10:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2018-06-29 04:50 - 2017-10-17 21:55 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-06-29 04:50 - 2017-10-17 21:55 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-06-29 04:50 - 2017-10-16 18:49 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-29 04:50 - 2017-10-16 18:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2018-06-29 04:50 - 2017-10-16 17:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2018-06-29 04:50 - 2017-10-11 20:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-06-29 04:50 - 2017-10-11 20:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-06-29 04:50 - 2017-10-11 20:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-06-29 04:50 - 2017-10-11 20:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-06-29 04:50 - 2017-10-11 20:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-06-29 04:50 - 2017-10-11 20:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-06-29 04:50 - 2017-10-11 20:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2018-06-29 04:50 - 2017-10-11 20:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-06-29 04:50 - 2017-10-11 20:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-06-29 04:50 - 2017-10-11 20:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-06-29 04:50 - 2017-10-11 20:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-06-29 04:50 - 2017-10-11 20:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-06-29 04:50 - 2017-10-11 20:14 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2018-06-29 04:50 - 2017-09-13 11:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2018-06-29 04:50 - 2017-09-13 11:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-29 04:50 - 2017-09-13 11:13 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-29 04:50 - 2017-09-13 11:13 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-29 04:50 - 2017-09-13 11:10 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-29 04:50 - 2017-09-13 11:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-29 04:50 - 2017-09-13 11:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-29 04:50 - 2017-09-13 10:53 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys

 

[Kevin Hill]

2018-06-29 04:50 - 2017-09-13 10:50 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-29 04:50 - 2017-09-13 10:50 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-29 04:50 - 2017-09-13 10:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-29 04:50 - 2017-09-13 10:50 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-29 04:50 - 2017-09-13 10:50 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-29 04:50 - 2017-09-13 10:48 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-29 04:50 - 2017-09-13 10:46 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-29 04:50 - 2017-09-13 10:46 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-29 04:50 - 2017-09-13 10:46 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-29 04:50 - 2017-09-13 10:46 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-29 04:50 - 2017-09-13 10:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-29 04:50 - 2017-09-13 10:46 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-29 04:50 - 2017-09-13 10:46 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-29 04:50 - 2017-09-08 11:09 - 000306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-06-29 04:50 - 2017-09-08 10:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2018-06-29 04:50 - 2017-09-08 10:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2018-06-29 04:50 - 2017-09-07 11:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-06-29 04:50 - 2017-09-07 10:48 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-29 04:50 - 2017-09-07 10:48 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-06-29 04:50 - 2017-09-07 10:48 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-29 04:50 - 2017-09-07 09:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-06-29 04:50 - 2017-09-07 09:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-29 04:50 - 2017-08-19 11:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-29 04:50 - 2017-08-19 10:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-29 04:50 - 2017-08-19 10:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-29 04:50 - 2017-08-16 11:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2018-06-29 04:50 - 2017-08-15 11:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-06-29 04:50 - 2017-08-15 11:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2018-06-29 04:50 - 2017-08-14 13:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2018-06-29 04:50 - 2017-08-13 17:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2018-06-29 04:50 - 2017-08-13 17:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2018-06-29 04:50 - 2017-08-11 02:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 02:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe

 

[Kevin Hill]

2018-06-29 04:50 - 2017-08-11 02:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2018-06-29 04:50 - 2017-08-11 02:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2018-06-29 04:50 - 2017-08-11 02:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2018-06-29 04:50 - 2017-08-11 02:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2018-06-29 04:50 - 2017-08-11 02:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-06-29 04:50 - 2017-08-11 01:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-29 04:50 - 2017-08-11 01:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-06-29 04:50 - 2017-08-11 01:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-06-29 04:50 - 2017-08-11 01:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 01:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 01:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-29 04:50 - 2017-08-11 01:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-29 04:50 - 2017-07-29 10:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-06-29 04:50 - 2017-07-21 10:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2018-06-29 04:50 - 2017-07-21 10:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2018-06-29 04:50 - 2017-07-21 10:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2018-06-29 04:50 - 2017-07-21 10:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2018-06-29 04:50 - 2017-07-14 11:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2018-06-29 04:50 - 2017-07-14 10:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2018-06-29 04:50 - 2017-07-14 10:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2018-06-29 04:50 - 2017-07-08 11:19 - 000250600 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-06-29 04:50 - 2017-07-07 11:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2018-06-29 04:50 - 2017-07-07 11:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2018-06-29 04:50 - 2017-07-01 09:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2018-06-29 04:50 - 2017-06-15 16:18 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-06-29 04:50 - 2017-06-12 18:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2018-06-29 04:50 - 2017-06-12 18:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2018-06-29 04:50 - 2017-06-12 18:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2018-06-29 04:50 - 2017-06-12 18:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2018-06-29 04:50 - 2017-06-12 18:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2018-06-29 04:50 - 2017-06-12 18:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2018-06-29 04:50 - 2017-06-12 18:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2018-06-29 04:50 - 2017-06-02 03:57 - 000497152 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2018-06-29 04:50 - 2017-05-30 00:39 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-06-29 04:50 - 2017-05-30 00:39 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-06-29 04:50 - 2017-05-30 00:39 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-06-29 04:50 - 2017-05-16 11:16 - 000730856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-06-29 04:50 - 2017-05-16 11:16 - 000218856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-06-29 04:50 - 2017-05-16 11:12 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-06-29 04:50 - 2017-05-10 11:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2018-06-29 04:50 - 2017-05-10 11:12 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-06-29 04:50 - 2017-05-10 11:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-06-29 04:50 - 2017-05-10 11:10 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-06-29 04:50 - 2017-05-10 11:01 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-06-29 04:50 - 2017-05-10 11:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-06-29 04:50 - 2017-05-10 11:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-06-29 04:50 - 2017-05-10 11:00 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-06-29 04:50 - 2017-05-07 11:14 - 000078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-06-29 04:50 - 2017-05-07 10:53 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2018-06-29 04:50 - 2017-04-21 11:15 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2018-06-29 04:50 - 2017-04-17 11:12 - 000581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-06-29 04:50 - 2017-04-12 11:26 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2018-06-29 04:50 - 2017-04-12 11:25 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2018-06-29 04:50 - 2017-04-12 11:25 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2018-06-29 04:50 - 2017-04-12 11:25 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2018-06-29 04:50 - 2017-04-04 10:52 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-06-29 04:50 - 2017-03-30 10:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2018-06-29 04:50 - 2017-03-10 12:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2018-06-29 04:50 - 2017-03-10 12:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2018-06-29 04:50 - 2017-03-10 11:52 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2018-06-29 04:50 - 2017-03-10 11:51 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2018-06-29 04:50 - 2017-03-10 11:51 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2018-06-29 04:50 - 2017-03-07 12:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2018-06-29 04:50 - 2017-03-03 21:14 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2018-06-29 04:50 - 2017-03-03 21:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2018-06-29 04:50 - 2017-02-09 12:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2018-06-29 04:50 - 2017-02-09 11:51 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2018-06-29 04:50 - 2017-01-13 13:45 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-29 04:50 - 2017-01-13 13:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-29 04:50 - 2017-01-11 13:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-06-29 04:50 - 2017-01-11 13:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-06-29 04:50 - 2016-11-20 12:19 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-29 04:50 - 2016-11-20 10:07 - 000373896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-29 04:50 - 2016-11-10 12:19 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2018-06-29 04:50 - 2016-11-09 12:24 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-06-29 04:50 - 2016-11-09 12:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-06-29 04:50 - 2016-11-09 12:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-06-29 04:50 - 2016-11-09 11:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-06-29 04:50 - 2016-10-11 11:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2018-06-29 04:50 - 2016-10-11 11:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2018-06-29 04:50 - 2016-10-11 11:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2018-06-29 04:50 - 2016-10-11 11:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2018-06-29 04:50 - 2016-10-11 11:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2018-06-29 04:50 - 2016-10-11 10:51 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe

 

[Kevin Hill]

2018-06-29 04:50 - 2016-10-11 09:18 - 000419648 _____ C:\Windows\system32\locale.nls
2018-06-29 04:50 - 2016-10-08 09:05 - 000534600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-29 04:50 - 2016-10-07 11:12 - 002291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-06-29 04:50 - 2016-10-07 11:12 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2018-06-29 04:50 - 2016-10-05 10:50 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-06-29 04:50 - 2016-09-15 10:51 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-06-29 04:50 - 2016-09-12 16:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2018-06-29 04:50 - 2016-09-08 16:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2018-06-29 04:50 - 2016-09-08 16:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2018-06-29 04:50 - 2016-09-08 10:49 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2018-06-29 04:50 - 2016-09-08 10:49 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-06-29 04:50 - 2016-08-21 09:05 - 000935424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-06-29 04:50 - 2016-08-12 12:21 - 000437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2018-06-29 04:50 - 2016-08-06 11:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2018-06-29 04:50 - 2016-08-06 10:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2018-06-29 04:50 - 2016-08-06 10:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2018-06-29 04:50 - 2016-08-06 10:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2018-06-29 04:50 - 2016-06-14 11:21 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-06-29 04:50 - 2016-06-14 11:17 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-06-29 04:50 - 2016-06-14 11:05 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-06-29 04:50 - 2016-06-14 10:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2018-06-29 04:50 - 2016-06-14 10:55 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-06-29 04:50 - 2016-06-14 10:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-06-29 04:50 - 2016-05-12 09:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2018-06-29 04:50 - 2016-03-23 18:42 - 000409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-29 04:50 - 2016-03-23 18:39 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-06-29 04:46 - 2011-03-03 01:38 - 000270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-06-29 04:46 - 2011-03-03 01:38 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-06-29 04:46 - 2011-03-03 01:36 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-06-29 04:45 - 2016-05-12 11:18 - 000606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2018-06-29 04:45 - 2016-05-12 11:18 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2018-06-29 04:45 - 2016-05-12 11:18 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2018-06-29 04:45 - 2016-05-12 11:18 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2018-06-29 04:45 - 2016-05-12 11:18 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2018-06-29 04:45 - 2016-05-12 11:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2018-06-29 04:45 - 2016-05-12 11:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2018-06-29 04:45 - 2016-05-12 10:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2018-06-29 04:45 - 2016-05-12 10:57 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2018-06-29 04:45 - 2015-10-29 13:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2018-06-29 04:45 - 2015-10-29 13:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2018-06-29 04:45 - 2015-10-29 13:49 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2018-06-29 04:45 - 2015-10-29 13:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2018-06-29 04:45 - 2015-07-15 13:55 - 001159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2018-06-29 04:45 - 2014-03-04 05:17 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2018-06-29 04:45 - 2013-10-18 21:36 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2018-06-29 04:45 - 2013-10-11 22:04 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-06-29 04:45 - 2013-10-11 22:03 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-06-29 04:45 - 2013-10-11 21:15 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-06-29 04:45 - 2013-10-11 21:15 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-06-29 04:45 - 2012-08-21 16:12 - 000245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2018-06-29 04:45 - 2011-08-17 00:24 - 000465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2018-06-29 04:45 - 2011-08-17 00:19 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2018-06-29 04:45 - 2011-05-24 06:44 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2018-06-29 04:44 - 2016-03-09 14:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2018-06-29 04:44 - 2015-11-03 14:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2018-06-29 04:44 - 2015-10-13 00:50 - 000712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-06-29 04:44 - 2015-03-04 00:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2018-06-29 04:44 - 2014-09-04 01:04 - 000372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2018-06-29 04:44 - 2014-01-27 22:07 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-06-29 04:44 - 2013-05-09 23:20 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2018-06-29 04:44 - 2013-03-18 23:33 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2018-06-29 04:44 - 2011-12-30 01:27 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2018-06-29 04:44 - 2011-08-27 00:26 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2018-06-29 04:43 - 2016-08-29 10:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2018-06-29 04:43 - 2015-07-22 13:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2018-06-29 04:43 - 2015-04-10 23:07 - 000054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2018-06-29 04:43 - 2014-02-03 22:07 - 000234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-06-29 04:43 - 2014-02-03 22:07 - 000149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-06-29 04:43 - 2014-02-03 22:07 - 000027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2018-06-29 04:43 - 2014-02-03 22:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2018-06-29 04:43 - 2013-05-12 23:08 - 000903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2018-06-29 04:43 - 2013-05-12 23:08 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2018-06-29 04:43 - 2012-10-03 12:42 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2018-06-29 04:43 - 2012-10-03 12:42 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-06-29 04:43 - 2012-10-03 12:40 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2018-06-29 04:42 - 2015-07-09 13:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-29 04:42 - 2015-07-09 13:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2018-06-29 04:42 - 2014-06-17 21:51 - 000646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-06-29 04:42 - 2012-07-04 17:16 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll

 

[Kevin Hill]

2018-06-29 04:42 - 2012-07-04 17:14 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2018-06-29 04:42 - 2012-07-04 17:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2018-06-29 04:42 - 2011-02-12 01:35 - 000191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2018-06-29 04:41 - 2016-07-07 10:57 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2018-06-29 04:41 - 2015-05-25 14:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2018-06-29 04:41 - 2015-05-25 14:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2018-06-29 04:41 - 2015-05-25 14:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2018-06-29 04:41 - 2015-05-25 14:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2018-06-29 04:41 - 2015-05-25 14:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2018-06-29 04:41 - 2015-05-25 14:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2018-06-29 03:50 - 2015-04-17 22:56 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-29 03:50 - 2010-12-23 01:54 - 000850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2018-06-29 03:50 - 2010-12-23 01:54 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2018-06-29 03:50 - 2010-12-23 01:54 - 000534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2018-06-29 03:50 - 2010-12-23 01:50 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2018-06-29 03:49 - 2015-12-08 17:53 - 000509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2018-06-29 03:49 - 2015-11-05 15:02 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2018-06-29 03:49 - 2015-11-05 05:48 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-06-29 03:49 - 2015-04-12 23:19 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2018-06-29 03:49 - 2014-12-18 22:43 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2018-06-29 03:49 - 2014-08-01 07:35 - 000793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-06-29 03:49 - 2014-06-18 18:23 - 001131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2018-06-29 03:49 - 2014-06-18 18:23 - 000156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2018-06-29 03:49 - 2014-06-18 18:23 - 000081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2018-06-29 03:49 - 2012-12-07 08:26 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2018-06-29 03:49 - 2012-12-07 08:20 - 002576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2018-06-29 03:49 - 2012-12-07 06:46 - 000055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2018-06-29 03:49 - 2012-12-07 06:46 - 000015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2018-06-29 03:49 - 2011-11-17 01:35 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2018-06-29 03:36 - 2016-02-05 14:44 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2018-06-29 03:36 - 2016-02-05 13:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2018-06-29 03:36 - 2015-11-13 18:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2018-06-29 03:36 - 2015-11-13 18:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2018-06-29 03:36 - 2015-11-13 18:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2018-06-29 03:36 - 2015-06-03 16:22 - 000355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2018-06-29 03:36 - 2015-02-02 23:12 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-06-29 03:36 - 2014-10-29 21:45 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2018-06-29 03:36 - 2014-07-16 21:40 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2018-06-29 03:36 - 2014-07-16 21:39 - 003221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-06-29 03:36 - 2014-07-16 21:39 - 001051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-06-29 03:36 - 2014-07-16 21:39 - 000304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-06-29 03:36 - 2014-07-16 21:39 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2018-06-29 03:36 - 2014-07-16 21:39 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2018-06-29 03:36 - 2014-07-16 21:03 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2018-06-29 03:36 - 2013-10-11 22:03 - 000656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-06-29 03:36 - 2013-10-11 22:01 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-06-29 03:36 - 2013-10-11 22:01 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2018-06-29 03:36 - 2013-08-04 21:56 - 000133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2018-06-29 03:36 - 2013-02-14 23:25 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2018-06-29 03:36 - 2012-09-25 18:47 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2018-06-29 03:36 - 2012-04-26 00:45 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2018-06-29 03:36 - 2012-04-26 00:41 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2018-06-29 03:36 - 2012-03-17 03:27 - 000056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2018-06-29 03:36 - 2012-01-04 04:58 - 000442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2018-06-29 03:36 - 2011-12-16 03:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2018-06-29 03:35 - 2016-05-11 11:19 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-06-29 03:35 - 2016-05-11 11:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2018-06-29 03:35 - 2016-05-11 11:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2018-06-29 03:35 - 2015-12-08 17:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 001202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2018-06-29 03:35 - 2015-12-08 17:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2018-06-29 03:35 - 2015-12-08 17:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2018-06-29 03:35 - 2015-12-08 17:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-06-29 03:35 - 2015-12-08 17:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2018-06-29 03:35 - 2015-12-08 17:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2018-06-29 03:35 - 2015-12-08 17:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2018-06-29 03:35 - 2015-12-08 17:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2018-06-29 03:35 - 2015-12-08 17:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2018-06-29 03:35 - 2015-12-08 17:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2018-06-29 03:35 - 2015-12-08 17:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2018-06-29 03:35 - 2015-12-08 17:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2018-06-29 03:35 - 2015-12-08 17:43 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2018-06-29 03:35 - 2015-12-08 17:11 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2018-06-29 03:35 - 2015-12-08 17:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2018-06-29 03:35 - 2015-07-14 22:55 - 001390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-06-29 03:35 - 2015-07-14 22:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2018-06-29 03:35 - 2015-07-14 22:51 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-06-29 03:35 - 2015-06-01 19:47 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2018-06-29 03:35 - 2014-12-05 23:50 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-06-29 03:35 - 2013-12-03 22:03 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2018-06-29 03:35 - 2013-12-03 22:03 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2018-06-29 03:35 - 2013-12-03 22:03 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2018-06-29 03:35 - 2013-12-03 22:03 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2018-06-29 03:35 - 2013-12-03 22:02 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2018-06-29 03:35 - 2013-12-03 21:54 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2018-06-29 03:35 - 2013-12-03 21:54 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2018-06-29 03:35 - 2013-12-03 21:54 - 000510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2018-06-29 03:35 - 2013-12-03 21:54 - 000508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2018-06-29 03:35 - 2013-07-12 06:08 - 000146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2018-06-29 03:35 - 2013-07-12 06:07 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2018-06-29 03:35 - 2013-07-12 06:07 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2018-06-29 03:35 - 2013-06-25 18:56 - 000527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2018-06-29 03:35 - 2012-10-09 13:40 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2018-06-29 03:35 - 2012-10-09 13:40 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2018-06-29 03:35 - 2012-10-03 12:42 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-06-29 03:35 - 2012-10-03 12:42 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-06-29 03:35 - 2011-03-11 01:33 - 001164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2018-06-29 03:35 - 2011-03-11 01:33 - 001137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2018-06-29 03:34 - 2015-04-24 13:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2018-06-29 03:34 - 2014-12-07 22:46 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-06-29 03:34 - 2014-10-13 21:50 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-06-29 03:30 - 2018-06-29 18:45 - 000000000 ____D C:\Program Files\SpeedFan
2018-06-29 03:30 - 2018-06-29 03:30 - 000000965 _____ C:\Users\kjh71leo\Desktop\SpeedFan.lnk
2018-06-29 03:30 - 2018-06-29 03:30 - 000000045 _____ C:\Windows\system32\initdebug.nfo
2018-06-29 03:30 - 2018-06-29 03:30 - 000000000 ____D C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-06-29 03:29 - 2018-06-29 03:29 - 003086696 _____ C:\Users\kjh71leo\Downloads\instspeedfan452.exe
2018-06-29 03:21 - 2012-02-17 00:13 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2018-06-29 03:05 - 2018-06-29 03:05 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-29 03:05 - 2018-06-29 03:05 - 000002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-29 03:04 - 2018-06-29 05:46 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\Google
2018-06-29 03:04 - 2018-06-29 03:05 - 000000000 ____D C:\Program Files\Google
2018-06-29 03:04 - 2018-06-29 03:04 - 000057560 _____ C:\Users\kjh71leo\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-29 03:04 - 2018-06-29 03:04 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\Deployment
2018-06-29 03:04 - 2018-06-29 03:04 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\Apps\2.0
2018-06-29 03:03 - 2018-06-29 03:03 - 000000000 ____D C:\ProgramData\Symantec
2018-06-29 03:02 - 2018-06-29 08:51 - 000002414 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2018-06-29 03:02 - 2018-06-29 08:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2018-06-29 03:02 - 2018-06-29 08:51 - 000000000 ____D C:\Windows\system32\Drivers\NIS
2018-06-29 03:02 - 2018-06-29 03:06 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2018-06-29 03:02 - 2018-06-29 03:03 - 000000000 ____D C:\ProgramData\Norton
2018-06-29 03:02 - 2018-06-29 03:03 - 000000000 ____D C:\Program Files\Symantec
2018-06-29 03:02 - 2018-06-29 03:02 - 000126584 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2018-06-29 03:02 - 2018-06-29 03:02 - 000007468 _____ C:\Windows\system32\Drivers\SYMEVENT.CAT
2018-06-29 03:02 - 2018-06-29 03:02 - 000000000 ____D C:\Program Files\Norton Internet Security
2018-06-29 03:01 - 2018-06-29 03:01 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-06-29 03:01 - 2018-06-29 03:01 - 000000000 ____D C:\Program Files\Realtek
2018-06-29 03:01 - 2011-06-10 02:34 - 000394856 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2018-06-29 03:01 - 2011-06-10 02:34 - 000100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2018-06-29 03:01 - 2011-06-10 02:34 - 000080416 _____ C:\Windows\system32\RtNicProp32.dll
2018-06-29 03:00 - 2018-06-29 03:01 - 000001769 _____ C:\Windows\Language_trs.ini
2018-06-29 03:00 - 2018-06-29 03:00 - 000032682 _____ C:\Windows\Ascd_tmp.ini
2018-06-29 03:00 - 2018-06-29 03:00 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-06-29 03:00 - 2018-06-29 03:00 - 000000000 ____D C:\Program Files\NortonInstaller
2018-06-29 02:59 - 2018-06-29 02:59 - 000001413 _____ C:\Users\kjh71leo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-06-29 02:58 - 2018-06-29 02:59 - 000000000 ____D C:\Users\kjh71leo
2018-06-29 02:58 - 2018-06-29 02:58 - 000000020 ___SH C:\Users\kjh71leo\ntuser.ini
2018-06-29 02:58 - 2018-06-29 02:58 - 000000000 ____D C:\Users\kjh71leo\AppData\Local\VirtualStore
2018-06-29 02:58 - 2011-04-11 22:24 - 000000000 ____D C:\Users\kjh71leo\AppData\Roaming\Media Center Programs

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-30 05:16 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\rescache
2018-06-30 04:44 - 2010-11-20 17:01 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-30 04:44 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2018-06-30 04:39 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-30 04:39 - 2009-07-14 00:34 - 000016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-30 04:39 - 2009-07-14 00:34 - 000016848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-30 04:39 - 2009-07-14 00:33 - 000267016 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-30 04:35 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\Windows Defender
2018-06-30 04:35 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Dism
2018-06-30 04:35 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2018-06-30 04:35 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-06-30 04:35 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\AppCompat
2018-06-30 04:35 - 2009-07-13 22:37 - 000000000 ____D C:\Program Files\Common Files\System
2018-06-29 11:45 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\DVD Maker
2018-06-29 11:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Setup
2018-06-29 11:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\migwiz
2018-06-29 06:52 - 2009-07-14 00:52 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-06-29 05:56 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\sysprep
2018-06-29 05:53 - 2011-04-11 22:24 - 000000000 ____D C:\Windows\CSC
2018-06-29 03:04 - 2009-07-13 22:37 - 000000000 __RHD C:\Users\Public\Libraries
2018-06-29 03:03 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF
2018-06-29 03:01 - 2009-07-13 22:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

Some files in TEMP:
====================
2018-06-29 08:34 - 2017-09-13 11:10 - 001310528 _____ (Microsoft Corporation) C:\Users\kjh71leo\AppData\Local\Temp\dllnt_dump.dll
2018-06-29 08:28 - 2018-06-29 18:45 - 000192512 _____ () C:\Users\kjh71leo\AppData\Local\Temp\sfamcc00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-29 09:54

==================== End of FRST.txt ============================

 

[Kevin Hill]

New rogue killer scan rootkit unknown location, hook

 

[Broni]

You posted FRST.txt again.
I need the other log - Addition.txt