Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by M (administrator) on M (31-01-2018 09:46:38)
Running from C:\Users\M\Downloads
Loaded Profiles: M (Available Profiles: M)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UDSA.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Akamai Technologies, Inc.) C:\Users\M\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Akamai Technologies, Inc.) C:\Users\M\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\SSDriver\fi5110\SsWiaChecker.exe
(PFU Limited) C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\SSFolder\SSFolderTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8721656 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MA3Firmware] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-03-09] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-10-28] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5773640 2013-08-22] (Dell Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-10-28] (Apple Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-03] (Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UD.exe [538728 2014-04-23] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ScanSnap WIA Service Checker] => C:\Program Files (x86)\PFU\ScanSnap\Driver\SSDriver\fi5110\SsWiaChecker.exe [86016 2016-02-18] (PFU LIMITED)
HKLM-x32\...\Run: [ScanSnap OnlineUpdate Watcher] => C:\Program Files (x86)\PFU\ScanSnap\Update\SsUWatcher.exe [454144 2016-09-06] (PFU Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886768 2017-11-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\Run: [Akamai NetSession Interface] => C:\Users\M\AppData\Local\Akamai\netsession_win.exe [4490200 2017-09-08] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3101984 2017-10-11] (Valve Corporation)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\Run: [HP Officejet Pro 8600 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\RunOnce: [Uninstall 17.3.7131.1115\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\M\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\amd64"
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\...\RunOnce: [Uninstall 17.3.7131.1115] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\M\AppData\Local\Microsoft\OneDrive\17.3.7131.1115"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScanSnap Manager.lnk [2017-07-31]
ShortcutTarget: ScanSnap Manager.lnk -> C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (PFU Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a5e6b4c-640e-4bcf-90aa-facbf65cdb35}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2810527709-413825500-1257755514-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-18] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2810527709-413825500-1257755514-1002 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://paychex.webex.com/client/WBXclient-31.14.3-30/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-18] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-11] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-11] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2810527709-413825500-1257755514-1002: @citrixonline.com/appdetectorplugin -> C:\Users\M\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-07-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-2810527709-413825500-1257755514-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\M\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default [2018-01-31]
CHR Extension: (Slides) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Docs) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Adobe Acrobat) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-13]
CHR Extension: (Sheets) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-20] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-10-09] (BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2017-12-23] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232320 2017-11-21] (Dell Inc.)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [115632 2013-08-03] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148688 2013-08-03] (Intel Corporation)
S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124880 2013-08-03] (Intel Corporation)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\Epson USB Display V1.7\EMP_UDSA.exe [166504 2014-04-23] (SEIKO EPSON CORPORATION)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-14] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-10-28] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-11] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-03-09] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263264 2017-02-16] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-10-09] (BitRaider)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-04] (BitRaider)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [143568 2013-08-03] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [76432 2013-08-03] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-03] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-03] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494272 2013-08-03] (Intel Corporation)
R3 eppvad_simple; C:\WINDOWS\system32\drivers\EMP_UDAU.sys [23040 2014-04-23] (SEIKO EPSON CORPORATION)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-31] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-11] (Intel Corporation)
R1 MpKsla099b9fe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70248895-6863-4F11-9EBA-495ECC8FCE81}\MpKsla099b9fe.sys [58120 2018-01-30] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_96feac2ff3979cc1\nvlddmkm.sys [14249416 2016-10-05] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [259584 2017-09-29] (Microsoft Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2017-02-16] (Synaptics Incorporated)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83456 2013-08-06] (STMicroelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-29 17:54 - 2018-01-29 17:54 - 000019331 _____ C:\Users\M\Downloads\sos.update.9557.1.29.18.xlsx
2018-01-27 00:32 - 2018-01-27 00:32 - 000019548 _____ C:\Users\M\Downloads\sos.update.9557.1.26.18.xlsx
2018-01-26 12:37 - 2018-01-26 12:37 - 000205567 _____ C:\Users\M\Downloads\DOC012618-01262018122950.pdf
2018-01-25 20:29 - 2018-01-25 20:29 - 000001120 _____ C:\Users\M\Documents\AdwCleaner[C0].txt
2018-01-25 20:26 - 2018-01-30 16:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-01-25 20:20 - 2018-01-25 20:20 - 000001226 _____ C:\Users\M\Documents\Malwarebytes.txt
2018-01-25 20:15 - 2018-01-25 20:15 - 000005906 _____ C:\Users\M\Documents\rk_83D6.tmp.txt
2018-01-25 19:36 - 2018-01-25 19:36 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-01-25 19:29 - 2018-01-25 20:28 - 000000000 ____D C:\AdwCleaner
2018-01-25 19:29 - 2018-01-25 19:29 - 008206624 _____ (Malwarebytes) C:\Users\M\Downloads\AdwCleaner.exe
2018-01-25 19:28 - 2018-01-25 20:27 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-25 19:28 - 2018-01-25 19:28 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-01-25 19:28 - 2018-01-25 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-25 19:27 - 2018-01-25 19:27 - 082302320 _____ (Malwarebytes ) C:\Users\M\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3780.exe
2018-01-25 19:25 - 2018-01-25 19:29 - 000000000 ____D C:\ProgramData\RogueKiller
2018-01-25 19:25 - 2018-01-25 19:25 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-01-25 19:25 - 2018-01-25 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-01-25 19:25 - 2018-01-25 19:25 - 000000000 ____D C:\Program Files\RogueKiller
2018-01-25 19:23 - 2018-01-25 19:23 - 036412224 _____ (Adlice Software ) C:\Users\M\Downloads\RogueKiller_setup_ref3.exe
2018-01-25 18:17 - 2018-01-25 18:17 - 000003584 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mpipis@sbcglobal.net
2018-01-25 14:47 - 2018-01-25 14:47 - 000048668 _____ C:\Users\M\Documents\Addition.txt
2018-01-25 14:46 - 2018-01-25 14:46 - 000076789 _____ C:\Users\M\Documents\FRST.txt
2018-01-25 14:01 - 2018-01-25 14:01 - 000048665 _____ C:\Users\M\Downloads\Addition.txt
2018-01-25 14:00 - 2018-01-31 09:46 - 000027639 _____ C:\Users\M\Downloads\FRST.txt
2018-01-25 14:00 - 2018-01-31 09:46 - 000000000 ____D C:\FRST
2018-01-25 14:00 - 2018-01-31 09:45 - 000000000 ____D C:\Users\M\Downloads\FRST-OlderVersion
2018-01-25 13:59 - 2018-01-31 09:45 - 002393088 _____ (Farbar) C:\Users\M\Downloads\FRST64.exe
2018-01-25 12:48 - 2018-01-25 12:48 - 000947062 _____ C:\Users\M\Documents\Scan0025.pdf
2018-01-24 12:45 - 2018-01-24 12:45 - 000017394 _____ C:\Users\M\Downloads\export (9).xlsx
2018-01-23 20:18 - 2018-01-23 20:18 - 000018734 _____ C:\Users\M\Downloads\sos.update.9557.1.23.18.xlsx
2018-01-23 17:16 - 2018-01-23 17:16 - 001534173 _____ C:\Users\M\Documents\Scan0024.pdf
2018-01-23 16:38 - 2018-01-23 16:38 - 000148883 _____ C:\Users\M\Downloads\Fax_20180116_717227430.pdf
2018-01-23 16:38 - 2018-01-23 16:38 - 000126839 _____ C:\Users\M\Downloads\Fax_20180117_717345992.pdf
2018-01-23 15:10 - 2018-01-23 15:10 - 003076696 _____ C:\Users\M\Downloads\Gilmore Rhonda Multipayer enroll.pdf
2018-01-23 15:09 - 2018-01-23 15:09 - 000510291 _____ C:\Users\M\Downloads\Single ID EFS (1).pdf
2018-01-23 15:08 - 2018-01-23 15:08 - 000010389 _____ C:\Users\M\Downloads\Acceptable Signatures.pdf
2018-01-22 22:46 - 2018-01-22 22:46 - 000018067 _____ C:\Users\M\Downloads\sos.update.9557.1.22.2018.xlsx
2018-01-19 18:33 - 2018-01-31 09:45 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-19 18:33 - 2018-01-25 20:26 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-19 18:33 - 2018-01-25 19:28 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-19 18:33 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-19 18:32 - 2018-01-19 18:32 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-19 16:06 - 2018-01-19 16:06 - 000000346 _____ C:\Users\M\Downloads\Export (3).CSV
2018-01-19 15:51 - 2018-01-19 15:51 - 000017480 _____ C:\Users\M\Downloads\Export (2).CSV
2018-01-19 15:47 - 2018-01-19 15:47 - 000000702 _____ C:\Users\M\Downloads\Export (1).CSV
2018-01-19 15:45 - 2018-01-19 15:45 - 000012243 _____ C:\Users\M\Downloads\Export.CSV
2018-01-18 15:02 - 2018-01-18 15:02 - 000015642 _____ C:\Users\M\Downloads\2018.sos.1.18.2018.ii.xlsx
2018-01-17 16:55 - 2018-01-17 16:55 - 001053120 _____ C:\Users\M\Documents\Scan0023.pdf
2018-01-17 16:46 - 2018-01-17 17:06 - 000087552 _____ C:\Users\M\Downloads\11054596_Check_Reconciliation_Data_Wed_Jan_17_16_45_00_EST_2018.xls
2018-01-17 16:41 - 2018-01-17 16:42 - 000011353 _____ C:\Users\M\Downloads\export (8).xlsx
2018-01-17 16:37 - 2018-01-17 16:37 - 000935626 _____ C:\Users\M\Documents\Scan0022.pdf
2018-01-17 16:33 - 2018-01-17 16:33 - 000069567 _____ C:\Users\M\Documents\Scan0021.pdf
2018-01-17 16:32 - 2018-01-17 16:32 - 001059580 _____ C:\Users\M\Documents\Scan0020.pdf
2018-01-15 15:52 - 2018-01-15 15:52 - 000933730 _____ C:\Users\M\Documents\Scan0019.pdf
2018-01-15 15:51 - 2018-01-15 15:51 - 000866569 _____ C:\Users\M\Documents\Scan0018.pdf
2018-01-15 15:14 - 2018-01-15 15:14 - 000042456 _____ C:\Users\M\Documents\Copy of rep_11054596_PYRJRN_Fri_Jan_12_14_36_41_EST_2018_XLSX_0.xlsx
2018-01-13 02:17 - 2018-01-13 02:17 - 012585192 _____ C:\Users\M\Documents\L0803340.pdf
2018-01-13 01:48 - 2018-01-13 01:48 - 013075476 _____ C:\Users\M\Downloads\L0803340.pdf
2018-01-12 14:38 - 2018-01-12 14:38 - 000023576 _____ C:\Users\M\Downloads\reports_20180112143857.zip
2018-01-12 14:27 - 2018-01-12 14:27 - 003074579 _____ C:\Users\M\Documents\Scan0017.pdf
2018-01-12 13:38 - 2018-01-12 13:38 - 000023606 _____ C:\Users\M\Downloads\reports_20180112133759.zip
2018-01-12 13:04 - 2018-01-12 13:04 - 000229372 _____ C:\Users\M\Downloads\Blank Preview Agreement Health Link HCBS Waiver Program (1).pdf
2018-01-12 09:46 - 2018-01-12 09:46 - 000003494 _____ C:\Users\M\Downloads\reports_20180112094648.zip
2018-01-12 00:51 - 2018-01-12 00:51 - 000023635 _____ C:\Users\M\Downloads\reports_20180112005107.zip
2018-01-11 17:39 - 2018-01-11 17:39 - 000376768 _____ C:\Users\M\Downloads\11054596_Employee_Data_for_Time_Clocks_Thu_Jan_11_17_38_00_EST_2018.xls
2018-01-11 16:38 - 2018-01-11 16:38 - 000075591 _____ C:\Users\M\Downloads\December Service Month Authorization.xlsx
2018-01-11 11:03 - 2018-01-11 11:03 - 000229372 _____ C:\Users\M\Downloads\Blank Preview Agreement Health Link HCBS Waiver Program.pdf
2018-01-11 11:02 - 2018-01-11 11:02 - 000510291 _____ C:\Users\M\Downloads\Single ID EFS.pdf
2018-01-10 15:39 - 2018-01-10 15:39 - 000061812 _____ C:\Users\M\Downloads\Fax_20171216_715268027.pdf
2018-01-10 15:39 - 2018-01-10 15:39 - 000060710 _____ C:\Users\M\Downloads\Fax_20171221_715617262.pdf
2018-01-10 15:39 - 2018-01-10 15:39 - 000056235 _____ C:\Users\M\Downloads\Fax_20171228_715959035.pdf
2018-01-10 15:39 - 2018-01-10 15:39 - 000051412 _____ C:\Users\M\Downloads\Fax_20180101_716144879.pdf
2018-01-10 15:39 - 2018-01-10 15:39 - 000033418 _____ C:\Users\M\Downloads\Fax_20171221_715685273.pdf
2018-01-10 15:39 - 2018-01-10 15:39 - 000026196 _____ C:\Users\M\Downloads\Fax_20171221_715685232.pdf
2018-01-10 15:38 - 2018-01-10 15:38 - 000094633 _____ C:\Users\M\Downloads\Fax_20171213_715053171.pdf
2018-01-10 15:38 - 2018-01-10 15:38 - 000078657 _____ C:\Users\M\Downloads\Fax_20171213_714993813.pdf
2018-01-10 15:38 - 2018-01-10 15:38 - 000061684 _____ C:\Users\M\Downloads\Fax_20171216_715268003.pdf
2018-01-10 15:38 - 2018-01-10 15:38 - 000044438 _____ C:\Users\M\Downloads\Fax_20171215_715240941.pdf
2018-01-10 15:37 - 2018-01-10 15:37 - 000194776 _____ C:\Users\M\Downloads\Fax_20171207_714582546.pdf
2018-01-10 15:37 - 2018-01-10 15:37 - 000133014 _____ C:\Users\M\Downloads\Fax_20171207_714605631.pdf
2018-01-10 15:37 - 2018-01-10 15:37 - 000098977 _____ C:\Users\M\Downloads\Fax_20171211_714793482.pdf
2018-01-10 15:37 - 2018-01-10 15:37 - 000086269 _____ C:\Users\M\Downloads\Fax_20171211_714818600.pdf
2018-01-10 15:37 - 2018-01-10 15:37 - 000083090 _____ C:\Users\M\Downloads\Fax_20171212_714955134.pdf
2018-01-10 15:37 - 2018-01-10 15:37 - 000052786 _____ C:\Users\M\Downloads\Fax_20171207_714618239.pdf
2018-01-10 15:36 - 2018-01-10 15:36 - 000118118 _____ C:\Users\M\Downloads\Fax_20171207_714555718.pdf
2018-01-10 14:35 - 2018-01-10 14:35 - 000017640 _____ C:\Users\M\Downloads\sos.update.1.10.18.xlsx
2018-01-10 11:38 - 2018-01-10 11:38 - 000003934 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2018-01-10 11:37 - 2018-01-10 11:37 - 000000000 ____D C:\ProgramData\Dell Inc
2018-01-10 11:36 - 2018-01-10 11:37 - 002148634 _____ C:\Users\M\Downloads\010118_JudithWhite_Time_Sheets_WCAA-signedSigned.pdf
2018-01-09 13:41 - 2018-01-09 13:41 - 000914521 _____ C:\Users\M\Documents\Scan0016.pdf
2018-01-09 13:39 - 2018-01-09 13:39 - 000880228 _____ C:\Users\M\Documents\Scan0015.pdf
2018-01-09 13:16 - 2018-01-09 13:16 - 000338313 _____ C:\Users\M\Documents\Scan0014.pdf
2018-01-09 13:09 - 2018-01-09 13:09 - 000164880 _____ C:\Users\M\Downloads\RCP Associates Contract (1).pdf
2018-01-08 14:39 - 2018-01-08 14:39 - 000017539 _____ C:\Users\M\Downloads\2018.SOS.1.18.18.xlsx
2018-01-08 12:35 - 2018-01-08 12:35 - 000154465 _____ C:\Users\M\Downloads\3133688857_180108_716581623.pdf
2018-01-08 12:35 - 2018-01-08 12:35 - 000012493 _____ C:\Users\M\Downloads\3133688857_180108_716581729.pdf
2018-01-08 12:30 - 2018-01-08 12:30 - 000096087 _____ C:\Users\M\Downloads\NA_180108_716581195.pdf
2018-01-08 12:30 - 2018-01-08 12:30 - 000073061 _____ C:\Users\M\Downloads\NA_180108_716580759.pdf
2018-01-05 13:29 - 2018-01-01 12:15 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-01-05 13:29 - 2018-01-01 07:54 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-01-05 13:29 - 2018-01-01 07:53 - 001090984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-01-05 13:29 - 2018-01-01 07:52 - 000066712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-01-05 13:29 - 2018-01-01 07:51 - 001414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-01-05 13:29 - 2018-01-01 07:51 - 001209240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-01-05 13:29 - 2018-01-01 07:51 - 001055128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-01-05 13:29 - 2018-01-01 07:51 - 000191816 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-01-05 13:29 - 2018-01-01 07:51 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-01-05 13:29 - 2018-01-01 07:50 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-01-05 13:29 - 2018-01-01 07:50 - 000780464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-01-05 13:29 - 2018-01-01 07:50 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-01-05 13:29 - 2018-01-01 07:50 - 000077208 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-01-05 13:29 - 2018-01-01 07:49 - 008605080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-01-05 13:29 - 2018-01-01 07:49 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-01-05 13:29 - 2018-01-01 07:49 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-01-05 13:29 - 2018-01-01 07:49 - 000292376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-01-05 13:29 - 2018-01-01 07:48 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-01-05 13:29 - 2018-01-01 07:48 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll