Solved Second infected computer

M

mom26gr8kids

Posts: 574   +0
This is the laptop that I potentially infected from another laptop. Today my Comodo antivirus asked if it could clean 32 files, but when I tried to export those logs I deleted them, so I am not sure what they were. Here is the frst txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.05.2018
Ran by songe (administrator) on DESKTOP-NSCE1AL (05-05-2018 19:53:39)
Running from C:\Users\songe\Downloads
Loaded Profiles: songe (Available Profiles: songe)
Platform: Windows 10 Home Version 1709 16299.371 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxEM.exe
(HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-04-06] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8511152 2018-03-06] (COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3642688 2018-04-23] (Dropbox, Inc.)
HKU\S-1-5-21-2895219947-52399620-1358840524-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-04-04] (SUPERAntiSpyware)
HKU\S-1-5-21-2895219947-52399620-1358840524-1001\...\RunOnce: [Uninstall 18.044.0301.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\songe\AppData\Local\Microsoft\OneDrive\18.044.0301.0006\amd64"
HKU\S-1-5-21-2895219947-52399620-1358840524-1001\...\RunOnce: [Uninstall 18.044.0301.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\songe\AppData\Local\Microsoft\OneDrive\18.044.0301.0006"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{b3ec2d44-eace-4383-b00f-2dacc9f81f69}: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{b730547a-92ca-4653-b0c1-34d1cdba4996}: [DhcpNameServer] 172.168.0.5

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2895219947-52399620-1358840524-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2895219947-52399620-1358840524-1001 -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2018-03-06] (COMODO)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2018-03-06] (COMODO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-11-22] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)

Chrome:
=======
CHR NewTab: Default -> Not-active:"chrome-extension://ampibhepipjeidadlneckcjabgafigja/newtab/newtab.html"
CHR Profile: C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default [2018-05-05]
CHR Extension: (Slides) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Email Access Online) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja [2018-04-05]
CHR Extension: (Docs) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-16]
CHR Extension: (YouTube) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (Adobe Acrobat) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-10]
CHR Extension: (Sheets) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-16]
CHR Extension: (Chrome Media Router) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566440 2018-04-23] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4199088 2018-03-06] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-16] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-16] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-04-23] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2218552 2017-03-17] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-11-22] (WildTangent)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324600 2017-04-06] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-02-01] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [830448 2018-02-01] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50768 2018-02-01] (COMODO)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72584 2017-03-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67976 2017-03-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355208 2017-03-17] (Intel Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [174600 2017-04-13] (Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [133896 2018-02-01] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63200 2017-12-12] (COMODO)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [143984 2016-09-19] (Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7647232 2017-10-17] (Intel Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [1849752 2017-09-29] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-03-31] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [781792 2017-03-13] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-03-31] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [42000 2017-03-31] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-05 19:53 - 2018-05-05 19:54 - 000020251 _____ C:\Users\songe\Downloads\FRST.txt
2018-05-05 19:53 - 2018-05-05 19:53 - 000000000 ____D C:\Users\songe\Downloads\FRST-OlderVersion
2018-05-05 19:52 - 2018-05-05 19:53 - 002405376 _____ (Farbar) C:\Users\songe\Downloads\FRST64.exe
2018-05-05 19:52 - 2018-05-05 19:53 - 000000000 ____D C:\FRST
2018-05-03 08:34 - 2018-05-03 08:34 - 000000000 ____D C:\Users\songe\AppData\Local\ElevatedDiagnostics
2018-04-30 00:32 - 2018-04-30 00:32 - 000025886 _____ C:\Users\songe\Documents\Transcript.xlsx
2018-04-30 00:32 - 2018-04-30 00:32 - 000000165 ____H C:\Users\songe\Documents\~$Transcript.xlsx
2018-04-25 21:57 - 2018-04-25 21:57 - 000675401 _____ C:\Users\songe\Downloads\flyer (7).pdf
2018-04-25 21:57 - 2018-04-25 21:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-04-23 04:15 - 2018-04-23 04:15 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-04-23 04:15 - 2018-04-23 04:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-04-23 04:15 - 2018-04-23 04:15 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-04-23 04:15 - 2018-04-23 04:15 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-04-19 10:39 - 2018-04-19 10:39 - 000011342 _____ C:\Users\songe\Downloads\3-1 TO 4-12 2018.xlsx
2018-04-16 21:06 - 2018-04-03 13:37 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-16 21:06 - 2018-04-03 13:37 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-16 01:24 - 2018-04-16 01:24 - 000000000 ___HD C:\ProgramData\temp
2018-04-15 21:30 - 2018-04-15 21:30 - 000031162 _____ C:\Users\songe\Downloads\The 80-20 Rule.pdf
2018-04-15 21:28 - 2018-04-15 21:28 - 000061982 _____ C:\Users\songe\Downloads\See Goal SMASH Goal.pdf
2018-04-15 21:26 - 2018-04-15 21:26 - 001914380 _____ C:\Users\songe\Downloads\Wake Up Do This!.pdf
2018-04-15 21:22 - 2018-04-15 21:22 - 000058167 _____ C:\Users\songe\Downloads\Parkinsons Law.pdf
2018-04-12 10:48 - 2018-04-12 10:48 - 000012912 _____ C:\Users\songe\Downloads\athlete_warm_up_jacket_2017_2018_results (3) (1).xlsx
2018-04-12 10:47 - 2018-04-12 10:47 - 000010969 _____ C:\Users\songe\Downloads\soccer warm up jacket order 2018.xlsx
2018-04-11 23:42 - 2018-03-29 23:12 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-04-11 23:42 - 2018-03-29 23:08 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-04-11 23:42 - 2018-03-29 23:06 - 000166304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-04-11 23:42 - 2018-03-29 23:05 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-04-11 23:42 - 2018-03-29 23:03 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-04-11 23:42 - 2018-03-29 23:03 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-04-11 23:42 - 2018-03-29 23:03 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2018-04-11 23:42 - 2018-03-29 23:03 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-04-11 23:42 - 2018-03-29 23:01 - 008600480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-04-11 23:42 - 2018-03-29 23:01 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-04-11 23:42 - 2018-03-29 23:01 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-04-11 23:42 - 2018-03-29 23:01 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-04-11 23:42 - 2018-03-29 23:00 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-04-11 23:42 - 2018-03-29 22:59 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-04-11 23:42 - 2018-03-29 22:59 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-04-11 23:42 - 2018-03-29 22:58 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-04-11 23:42 - 2018-03-29 22:58 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-04-11 23:42 - 2018-03-29 22:57 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-04-11 23:42 - 2018-03-29 22:57 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2018-04-11 23:42 - 2018-03-29 22:55 - 000062880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2018-04-11 23:42 - 2018-03-29 22:54 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-04-11 23:42 - 2018-03-29 22:54 - 000461728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-04-11 23:42 - 2018-03-29 22:54 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-04-11 23:42 - 2018-03-29 22:53 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-04-11 23:42 - 2018-03-29 22:53 - 000246176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-04-11 23:42 - 2018-03-29 22:53 - 000163744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-04-11 23:42 - 2018-03-29 22:52 - 000727456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-04-11 23:42 - 2018-03-29 22:52 - 000428960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-04-11 23:42 - 2018-03-29 22:51 - 000902928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-04-11 23:42 - 2018-03-29 22:51 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-04-11 23:42 - 2018-03-29 22:50 - 000057760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys
2018-04-11 23:42 - 2018-03-29 22:48 - 000614304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2018-04-11 23:42 - 2018-03-29 22:28 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-04-11 23:42 - 2018-03-29 22:27 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-04-11 23:42 - 2018-03-29 22:23 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-04-11 23:42 - 2018-03-29 22:13 - 002193176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-04-11 23:42 - 2018-03-29 22:10 - 000704080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-04-11 23:42 - 2018-03-29 22:07 - 001003160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-04-11 23:42 - 2018-03-29 21:46 - 018925056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-04-11 23:42 - 2018-03-29 21:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-04-11 23:42 - 2018-03-29 21:46 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-04-11 23:42 - 2018-03-29 21:45 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-04-11 23:42 - 2018-03-29 21:45 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-04-11 23:42 - 2018-03-29 21:43 - 019355136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-04-11 23:42 - 2018-03-29 21:43 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-04-11 23:42 - 2018-03-29 21:43 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-04-11 23:42 - 2018-03-29 21:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2018-04-11 23:42 - 2018-03-29 21:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2018-04-11 23:42 - 2018-03-29 21:42 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-04-11 23:42 - 2018-03-29 21:42 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2018-04-11 23:42 - 2018-03-29 21:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-04-11 23:42 - 2018-03-29 21:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-04-11 23:42 - 2018-03-29 21:41 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2018-04-11 23:42 - 2018-03-29 21:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-04-11 23:42 - 2018-03-29 21:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-04-11 23:42 - 2018-03-29 21:41 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2018-04-11 23:42 - 2018-03-29 21:40 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-04-11 23:42 - 2018-03-29 21:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-04-11 23:42 - 2018-03-29 21:40 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2018-04-11 23:42 - 2018-03-29 21:39 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-04-11 23:42 - 2018-03-29 21:39 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 000966656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 000956928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-04-11 23:42 - 2018-03-29 21:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-04-11 23:42 - 2018-03-29 21:37 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-04-11 23:42 - 2018-03-29 21:36 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-04-11 23:42 - 2018-03-29 21:36 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-04-11 23:42 - 2018-03-29 21:36 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-04-11 23:42 - 2018-03-29 21:36 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-04-11 23:42 - 2018-03-29 21:36 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-04-11 23:42 - 2018-03-29 21:36 - 000897024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-04-11 23:42 - 2018-03-29 21:35 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-04-11 23:42 - 2018-03-29 21:35 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-04-11 23:42 - 2018-03-29 21:35 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-04-11 23:42 - 2018-03-29 21:35 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2018-04-11 23:42 - 2018-03-29 21:33 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-04-11 23:42 - 2018-03-29 21:33 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2018-04-11 23:42 - 2018-03-29 21:33 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2018-04-11 23:42 - 2018-03-29 21:32 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-04-11 23:42 - 2018-03-29 21:32 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-04-11 23:42 - 2018-03-29 21:32 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2018-04-11 23:42 - 2018-03-29 21:32 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-04-11 23:42 - 2018-03-29 21:32 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-04-11 23:42 - 2018-03-29 21:32 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-04-11 23:42 - 2018-03-29 21:31 - 000416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2018-04-11 23:42 - 2018-03-29 21:31 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-04-11 23:42 - 2018-03-29 21:31 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-04-11 23:42 - 2018-03-29 21:31 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-04-11 23:42 - 2018-03-29 21:30 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-04-11 23:42 - 2018-03-29 21:29 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-04-11 23:42 - 2018-03-29 21:29 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2018-04-11 23:42 - 2018-03-29 21:29 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2018-04-11 23:42 - 2018-03-29 21:29 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-04-11 23:42 - 2018-03-29 21:28 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-04-11 23:42 - 2018-03-29 21:28 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-04-11 23:42 - 2018-03-29 21:28 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-04-11 23:42 - 2018-03-29 21:28 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-04-11 23:42 - 2018-03-29 21:27 - 008104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-04-11 23:42 - 2018-03-29 21:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-04-11 23:42 - 2018-03-29 21:27 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-04-11 23:42 - 2018-03-29 21:27 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2018-04-11 23:42 - 2018-03-29 21:27 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-04-11 23:42 - 2018-03-29 21:26 - 004747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-04-11 23:42 - 2018-03-29 21:26 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-04-11 23:42 - 2018-03-29 21:25 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-04-11 23:42 - 2018-03-29 21:25 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-04-11 23:42 - 2018-03-29 21:25 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-04-11 23:42 - 2018-03-29 21:25 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-04-11 23:42 - 2018-03-29 21:25 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-04-11 23:42 - 2018-03-29 21:23 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-04-11 23:42 - 2018-03-29 21:23 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-04-11 23:42 - 2018-03-29 21:23 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2018-04-11 23:42 - 2018-03-29 21:23 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-04-11 23:42 - 2018-03-29 21:20 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2018-04-11 23:42 - 2018-03-13 01:03 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-04-11 23:42 - 2018-03-13 01:03 - 000279960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-04-11 23:42 - 2018-03-13 01:02 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-04-11 23:42 - 2018-03-13 00:59 - 000535968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-04-11 23:42 - 2018-03-13 00:58 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-04-11 23:42 - 2018-03-13 00:54 - 000555936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-04-11 23:42 - 2018-03-13 00:50 - 000617312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-04-11 23:42 - 2018-03-12 23:40 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-04-11 23:42 - 2018-03-12 23:33 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2018-04-11 23:42 - 2018-03-12 23:32 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-04-11 23:42 - 2018-03-12 23:28 - 000939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-04-11 23:42 - 2018-03-12 23:27 - 003125760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-04-11 23:42 - 2018-03-12 23:23 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2018-04-11 23:42 - 2018-03-12 23:19 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-04-11 23:42 - 2018-03-12 23:15 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-04-11 23:42 - 2018-03-12 23:04 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-04-11 23:42 - 2018-03-12 22:43 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-04-11 23:42 - 2018-03-12 22:39 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-04-11 23:42 - 2018-03-12 22:37 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-04-11 23:42 - 2018-03-12 22:33 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-04-11 23:42 - 2018-03-12 22:31 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-04-11 23:42 - 2018-03-12 22:30 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-04-11 23:42 - 2018-03-12 22:27 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2018-04-11 23:42 - 2018-03-12 22:27 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2018-04-11 23:42 - 2017-11-26 06:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-04-11 23:41 - 2018-03-30 06:34 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-04-11 23:41 - 2018-03-29 23:18 - 001092008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-11 23:41 - 2018-03-29 23:14 - 000423320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-11 23:41 - 2018-03-29 23:10 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-04-11 23:41 - 2018-03-29 23:08 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-04-11 23:41 - 2018-03-29 23:08 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-04-11 23:41 - 2018-03-29 23:08 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-04-11 23:41 - 2018-03-29 23:07 - 000069528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-04-11 23:41 - 2018-03-29 23:05 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-04-11 23:41 - 2018-03-29 23:05 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-04-11 23:41 - 2018-03-29 23:05 - 000191824 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-04-11 23:41 - 2018-03-29 23:05 - 000066720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2018-04-11 23:41 - 2018-03-29 23:05 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll
2018-04-11 23:41 - 2018-03-29 23:04 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-04-11 23:41 - 2018-03-29 23:04 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-04-11 23:41 - 2018-03-29 23:04 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-04-11 23:41 - 2018-03-29 23:03 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-04-11 23:41 - 2018-03-29 23:03 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-04-11 23:41 - 2018-03-29 23:03 - 000508272 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-04-11 23:41 - 2018-03-29 23:03 - 000479920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-04-11 23:41 - 2018-03-29 23:03 - 000460704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-04-11 23:41 - 2018-03-29 23:03 - 000292384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-04-11 23:41 - 2018-03-29 23:03 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-04-11 23:41 - 2018-03-29 23:01 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-04-11 23:41 - 2018-03-29 22:57 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-04-11 23:41 - 2018-03-29 22:57 - 000711944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-04-11 23:41 - 2018-03-29 22:57 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-04-11 23:41 - 2018-03-29 22:55 - 000367344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-04-11 23:41 - 2018-03-29 22:54 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-04-11 23:41 - 2018-03-29 22:53 - 007676304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-04-11 23:41 - 2018-03-29 22:53 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-04-11 23:41 - 2018-03-29 22:53 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2018-04-11 23:41 - 2018-03-29 22:52 - 021351632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-04-11 23:41 - 2018-03-29 22:52 - 002457504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-04-11 23:41 - 2018-03-29 22:52 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-04-11 23:41 - 2018-03-29 22:50 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-04-11 23:41 - 2018-03-29 22:48 - 001101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-04-11 23:41 - 2018-03-29 22:28 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-04-11 23:41 - 2018-03-29 22:24 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-04-11 23:41 - 2018-03-29 22:19 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-04-11 23:41 - 2018-03-29 22:16 - 000289824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-04-11 23:41 - 2018-03-29 22:13 - 000450936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2018-04-11 23:41 - 2018-03-29 22:09 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-04-11 23:41 - 2018-03-29 21:55 - 025253888 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-04-11 23:41 - 2018-03-29 21:46 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2018-04-11 23:41 - 2018-03-29 21:37 - 001298944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-04-11 23:41 - 2018-03-29 21:36 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-04-11 23:41 - 2018-03-29 21:36 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
 
58112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-04-11 23:41 - 2018-03-29 21:35 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2018-04-11 23:41 - 2018-03-29 21:35 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-04-11 23:41 - 2018-03-29 21:35 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-04-11 23:41 - 2018-03-29 21:35 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-04-11 23:41 - 2018-03-29 21:35 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\convertvhd.exe
2018-04-11 23:41 - 2018-03-29 21:33 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-04-11 23:41 - 2018-03-29 21:33 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
2018-04-11 23:41 - 2018-03-29 21:32 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-04-11 23:41 - 2018-03-29 21:32 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2018-04-11 23:41 - 2018-03-29 21:32 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-04-11 23:41 - 2018-03-29 21:32 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-04-11 23:41 - 2018-03-29 21:31 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalAuth.dll
2018-04-11 23:41 - 2018-03-29 21:31 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-04-11 23:41 - 2018-03-29 21:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-04-11 23:41 - 2018-03-29 21:30 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-04-11 23:41 - 2018-03-29 21:30 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2018-04-11 23:41 - 2018-03-29 21:30 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2018-04-11 23:41 - 2018-03-29 21:30 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2018-04-11 23:41 - 2018-03-29 21:29 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-04-11 23:41 - 2018-03-29 21:29 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-04-11 23:41 - 2018-03-29 21:29 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2018-04-11 23:41 - 2018-03-29 21:29 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2018-04-11 23:41 - 2018-03-29 21:29 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-04-11 23:41 - 2018-03-29 21:29 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 000721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2018-04-11 23:41 - 2018-03-29 21:28 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2018-04-11 23:41 - 2018-03-29 21:27 - 003170816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-04-11 23:41 - 2018-03-29 21:27 - 001002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-04-11 23:41 - 2018-03-29 21:27 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-04-11 23:41 - 2018-03-29 21:27 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-04-11 23:41 - 2018-03-29 21:26 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-04-11 23:41 - 2018-03-29 21:26 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-04-11 23:41 - 2018-03-29 21:26 - 001816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-04-11 23:41 - 2018-03-29 21:26 - 001573376 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2018-04-11 23:41 - 2018-03-29 21:26 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2018-04-11 23:41 - 2018-03-29 21:26 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2018-04-11 23:41 - 2018-03-29 21:26 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-04-11 23:41 - 2018-03-29 21:25 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-04-11 23:41 - 2018-03-29 21:25 - 002528256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-04-11 23:41 - 2018-03-29 21:25 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-04-11 23:41 - 2018-03-29 21:25 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-04-11 23:41 - 2018-03-29 21:25 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-04-11 23:41 - 2018-03-29 21:25 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-04-11 23:41 - 2018-03-29 21:24 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-04-11 23:41 - 2018-03-29 21:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-04-11 23:41 - 2018-03-29 21:21 - 002511360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-04-11 23:41 - 2018-03-29 21:21 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-04-11 23:41 - 2018-03-28 13:54 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-04-11 23:41 - 2018-03-13 01:03 - 005907288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-04-11 23:41 - 2018-03-13 01:03 - 000779960 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-04-11 23:41 - 2018-03-13 01:03 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-04-11 23:41 - 2018-03-13 00:58 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-04-11 23:41 - 2018-03-13 00:55 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-04-11 23:41 - 2018-03-13 00:53 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-04-11 23:41 - 2018-03-13 00:53 - 000113568 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2018-04-11 23:41 - 2018-03-13 00:52 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-04-11 23:41 - 2018-03-13 00:51 - 002773408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-04-11 23:41 - 2018-03-12 23:36 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-04-11 23:41 - 2018-03-12 23:35 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-04-11 23:41 - 2018-03-12 23:34 - 008727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-04-11 23:41 - 2018-03-12 23:33 - 007544832 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-04-11 23:41 - 2018-03-12 23:33 - 001574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-04-11 23:41 - 2018-03-12 23:33 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-04-11 23:41 - 2018-03-12 23:32 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-04-11 23:41 - 2018-03-12 23:30 - 007145472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-04-11 23:41 - 2018-03-12 23:30 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-04-11 23:41 - 2018-03-12 23:29 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-04-11 23:41 - 2018-03-12 23:28 - 003160576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-04-11 23:41 - 2018-03-12 23:28 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-04-11 23:41 - 2018-03-12 23:28 - 001967104 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-04-11 23:41 - 2018-03-12 23:28 - 001157632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-04-11 23:41 - 2018-03-12 23:28 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-04-11 23:41 - 2018-03-12 23:27 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-04-11 23:41 - 2018-03-12 23:27 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-04-11 23:41 - 2018-03-12 23:23 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-04-11 23:41 - 2018-03-12 23:23 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2018-04-11 23:41 - 2018-03-12 23:22 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-04-11 23:41 - 2018-03-12 23:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-04-11 23:41 - 2018-03-12 23:19 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-04-11 23:41 - 2018-03-12 23:19 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-04-11 23:41 - 2018-03-12 23:08 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-04-11 23:41 - 2018-03-12 23:04 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-04-11 23:41 - 2018-03-12 22:44 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-04-11 23:41 - 2018-03-12 22:40 - 006118400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-04-11 23:41 - 2018-03-12 22:38 - 006466560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-04-11 23:41 - 2018-03-12 22:37 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-04-11 23:41 - 2018-03-12 22:31 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-04-11 23:41 - 2018-03-12 22:30 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-04-11 23:40 - 2018-03-29 23:12 - 000270208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2018-04-11 23:40 - 2018-03-29 23:12 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-04-11 23:40 - 2018-03-29 23:07 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-04-11 23:40 - 2018-03-29 23:06 - 000053152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys
2018-04-11 23:40 - 2018-03-29 23:05 - 000073120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-04-11 23:40 - 2018-03-29 23:05 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-04-11 23:40 - 2018-03-29 23:05 - 000035744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDFHost.dll
2018-04-11 23:40 - 2018-03-29 23:05 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll
2018-04-11 23:40 - 2018-03-29 23:05 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll
2018-04-11 23:40 - 2018-03-29 23:05 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-04-11 23:40 - 2018-03-29 23:03 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-04-11 23:40 - 2018-03-29 23:03 - 000139680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-04-11 23:40 - 2018-03-29 23:02 - 000128416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-04-11 23:40 - 2018-03-29 23:01 - 000034208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys
2018-04-11 23:40 - 2018-03-29 23:00 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2018-04-11 23:40 - 2018-03-29 23:00 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2018-04-11 23:40 - 2018-03-29 22:58 - 000039328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
2018-04-11 23:40 - 2018-03-29 22:57 - 000121248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2018-04-11 23:40 - 2018-03-29 22:57 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-04-11 23:40 - 2018-03-29 22:56 - 000018680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll
2018-04-11 23:40 - 2018-03-29 22:53 - 000094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2018-04-11 23:40 - 2018-03-29 22:52 - 000282528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2018-04-11 23:40 - 2018-03-29 22:52 - 000247480 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2018-04-11 23:40 - 2018-03-29 22:52 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-04-11 23:40 - 2018-03-29 22:52 - 000054688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys
2018-04-11 23:40 - 2018-03-29 22:52 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
2018-04-11 23:40 - 2018-03-29 22:52 - 000028520 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2018-04-11 23:40 - 2018-03-29 22:51 - 000125568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-04-11 23:40 - 2018-03-29 22:51 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2018-04-11 23:40 - 2018-03-29 22:51 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-04-11 23:40 - 2018-03-29 22:49 - 000204184 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-04-11 23:40 - 2018-03-29 22:48 - 000586800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll
2018-04-11 23:40 - 2018-03-29 22:18 - 000016600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll
2018-04-11 23:40 - 2018-03-29 22:13 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2018-04-11 23:40 - 2018-03-29 22:12 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2018-04-11 23:40 - 2018-03-29 22:10 - 000099240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-04-11 23:40 - 2018-03-29 22:06 - 000180632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-04-11 23:40 - 2018-03-29 22:04 - 000417368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll
2018-04-11 23:40 - 2018-03-29 21:45 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-04-11 23:40 - 2018-03-29 21:44 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2018-04-11 23:40 - 2018-03-29 21:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-04-11 23:40 - 2018-03-29 21:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2018-04-11 23:40 - 2018-03-29 21:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2018-04-11 23:40 - 2018-03-29 21:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2018-04-11 23:40 - 2018-03-29 21:43 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2018-04-11 23:40 - 2018-03-29 21:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2018-04-11 23:40 - 2018-03-29 21:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2018-04-11 23:40 - 2018-03-29 21:43 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2018-04-11 23:40 - 2018-03-29 21:42 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2018-04-11 23:40 - 2018-03-29 21:42 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2018-04-11 23:40 - 2018-03-29 21:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-04-11 23:40 - 2018-03-29 21:42 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2018-04-11 23:40 - 2018-03-29 21:42 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2018-04-11 23:40 - 2018-03-29 21:42 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2018-04-11 23:40 - 2018-03-29 21:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-04-11 23:40 - 2018-03-29 21:41 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2018-04-11 23:40 - 2018-03-29 21:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2018-04-11 23:40 - 2018-03-29 21:40 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2018-04-11 23:40 - 2018-03-29 21:40 - 000314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-04-11 23:40 - 2018-03-29 21:40 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2018-04-11 23:40 - 2018-03-29 21:40 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2018-04-11 23:40 - 2018-03-29 21:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2018-04-11 23:40 - 2018-03-29 21:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-04-11 23:40 - 2018-03-29 21:36 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-04-11 23:40 - 2018-03-29 21:35 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2018-04-11 23:40 - 2018-03-29 21:35 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-04-11 23:40 - 2018-03-29 21:35 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-04-11 23:40 - 2018-03-29 21:35 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-04-11 23:40 - 2018-03-29 21:34 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000707584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\irda.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2018-04-11 23:40 - 2018-03-29 21:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2018-04-11 23:40 - 2018-03-29 21:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmictimeprovider.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dmvsc.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HyperVideo.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VMBusHID.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysntfy.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2018-04-11 23:40 - 2018-03-29 21:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nrpsrv.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasacd.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hyperkbd.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgencounter.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2018-04-11 23:40 - 2018-03-29 21:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vms3cap.sys
2018-04-11 23:40 - 2018-03-29 21:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2018-04-11 23:40 - 2018-03-29 21:32 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2018-04-11 23:40 - 2018-03-29 21:32 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2018-04-11 23:40 - 2018-03-29 21:32 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndisuio.sys
2018-04-11 23:40 - 2018-03-29 21:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lltdio.sys
2018-04-11 23:40 - 2018-03-29 21:32 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
2018-04-11 23:40 - 2018-03-29 21:32 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsnmp32.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdPnp.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2018-04-11 23:40 - 2018-03-29 21:32 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmiprop.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWNet.dll
2018-04-11 23:40 - 2018-03-29 21:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfhost.exe
2018-04-11 23:40 - 2018-03-29 21:32 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2018-04-11 23:40 - 2018-03-29 21:32 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2018-04-11 23:40 - 2018-03-29 21:32 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2018-04-11 23:40 - 2018-03-29 21:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2018-04-11 23:40 - 2018-03-29 21:31 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2018-04-11 23:40 - 2018-03-29 21:31 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-04-11 23:40 - 2018-03-29 21:31 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-04-11 23:40 - 2018-03-29 21:31 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2018-04-11 23:40 - 2018-03-29 21:30 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-04-11 23:40 - 2018-03-29 21:30 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-04-11 23:40 - 2018-03-29 21:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2018-04-11 23:40 - 2018-03-29 21:30 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-04-11 23:40 - 2018-03-29 21:30 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-04-11 23:40 - 2018-03-29 21:29 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2018-04-11 23:40 - 2018-03-29 21:29 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-04-11 23:40 - 2018-03-29 21:29 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2018-04-11 23:40 - 2018-03-29 21:29 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2018-04-11 23:40 - 2018-03-29 21:28 - 000984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-04-11 23:40 - 2018-03-29 21:28 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2018-04-11 23:40 - 2018-03-29 21:28 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2018-04-11 23:40 - 2018-03-29 21:27 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-04-11 23:40 - 2018-03-29 21:27 - 000889856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-04-11 23:40 - 2018-03-29 21:27 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-04-11 23:40 - 2018-03-29 21:27 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2018-04-11 23:40 - 2018-03-29 21:25 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-04-11 23:40 - 2018-03-29 21:25 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2018-04-11 23:40 - 2018-03-29 21:25 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-04-11 23:40 - 2018-03-29 21:25 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2018-04-11 23:40 - 2018-03-29 21:23 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-04-11 23:40 - 2018-03-29 21:23 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-04-11 23:40 - 2018-03-29 21:23 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-04-11 23:40 - 2018-03-29 21:22 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2018-04-11 23:40 - 2018-03-29 21:22 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2018-04-11 23:40 - 2018-03-29 21:22 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\beep.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdPnp.dll
2018-04-11 23:40 - 2018-03-29 21:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2018-04-11 23:40 - 2018-03-29 21:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmiprop.dll
2018-04-11 23:40 - 2018-03-29 21:20 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWNet.dll
2018-04-11 23:40 - 2018-03-29 21:20 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\null.sys
2018-04-11 23:40 - 2018-03-13 00:58 - 000441248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2018-04-11 23:40 - 2018-03-13 00:55 - 001778360 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-04-11 23:40 - 2018-03-13 00:55 - 000417440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2018-04-11 23:40 - 2018-03-13 00:55 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-04-11 23:40 - 2018-03-13 00:54 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-04-11 23:40 - 2018-03-13 00:53 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2018-04-11 23:40 - 2018-03-13 00:53 - 000143264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2018-04-11 23:40 - 2018-03-13 00:53 - 000091152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2018-04-11 23:40 - 2018-03-13 00:52 - 000172112 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2018-04-11 23:40 - 2018-03-13 00:52 - 000127136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2018-04-11 23:40 - 2018-03-12 23:41 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-04-11 23:40 - 2018-03-12 23:40 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-04-11 23:40 - 2018-03-12 23:38 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2018-04-11 23:40 - 2018-03-12 23:38 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-04-11 23:40 - 2018-03-12 23:38 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2018-04-11 23:40 - 2018-03-12 23:37 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2018-04-11 23:40 - 2018-03-12 23:37 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2018-04-11 23:40 - 2018-03-12 23:37 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2018-04-11 23:40 - 2018-03-12 23:36 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2018-04-11 23:40 - 2018-03-12 23:35 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-04-11 23:40 - 2018-03-12 23:35 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2018-04-11 23:40 - 2018-03-12 23:35 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2018-04-11 23:40 - 2018-03-12 23:35 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-04-11 23:40 - 2018-03-12 23:35 - 000219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-04-11 23:40 - 2018-03-12 23:35 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlgpclnt.dll
2018-04-11 23:40 - 2018-03-12 23:34 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2018-04-11 23:40 - 2018-03-12 23:34 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-04-11 23:40 - 2018-03-12 23:34 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-04-11 23:40 - 2018-03-12 23:34 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2018-04-11 23:40 - 2018-03-12 23:33 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2018-04-11 23:40 - 2018-03-12 23:33 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2018-04-11 23:40 - 2018-03-12 23:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-04-11 23:40 - 2018-03-12 23:33 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2018-04-11 23:40 - 2018-03-12 23:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-04-11 23:40 - 2018-03-12 23:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2018-04-11 23:40 - 2018-03-12 23:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-04-11 23:40 - 2018-03-12 23:32 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2018-04-11 23:40 - 2018-03-12 23:31 - 002849792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-04-11 23:40 - 2018-03-12 23:31 - 001263104 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-04-11 23:40 - 2018-03-12 23:31 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-04-11 23:40 - 2018-03-12 23:31 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2018-04-11 23:40 - 2018-03-12 23:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2018-04-11 23:40 - 2018-03-12 23:30 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-04-11 23:40 - 2018-03-12 23:30 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-04-11 23:40 - 2018-03-12 23:30 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2018-04-11 23:40 - 2018-03-12 23:30 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2018-04-11 23:40 - 2018-03-12 23:28 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-04-11 23:40 - 2018-03-12 23:28 - 000837120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-04-11 23:40 - 2018-03-12 23:26 - 001737728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-04-11 23:40 - 2018-03-12 23:26 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-04-11 23:40 - 2018-03-12 23:25 - 001346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-04-11 23:40 - 2018-03-12 23:25 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2018-04-11 23:40 - 2018-03-12 23:24 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2018-04-11 23:40 - 2018-03-12 23:24 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-04-11 23:40 - 2018-03-12 23:24 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-04-11 23:40 - 2018-03-12 23:22 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2018-04-11 23:40 - 2018-03-12 23:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-04-11 23:40 - 2018-03-12 23:08 - 001555784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-04-11 23:40 - 2018-03-12 23:07 - 000115104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-04-11 23:40 - 2018-03-12 23:06 - 000564640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2018-04-11 23:40 - 2018-03-12 23:04 - 000140592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2018-04-11 23:40 - 2018-03-12 22:44 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-04-11 23:40 - 2018-03-12 22:40 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2018-04-11 23:40 - 2018-03-12 22:40 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2018-04-11 23:40 - 2018-03-12 22:39 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2018-04-11 23:40 - 2018-03-12 22:39 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-04-11 23:40 - 2018-03-12 22:39 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-04-11 23:40 - 2018-03-12 22:38 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlgpclnt.dll
2018-04-11 23:40 - 2018-03-12 22:37 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-04-11 23:40 - 2018-03-12 22:37 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2018-04-11 23:40 - 2018-03-12 22:37 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2018-04-11 23:40 - 2018-03-12 22:37 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2018-04-11 23:40 - 2018-03-12 22:37 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-04-11 23:40 - 2018-03-12 22:37 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2018-04-11 23:40 - 2018-03-12 22:36 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2018-04-11 23:40 - 2018-03-12 22:36 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2018-04-11 23:40 - 2018-03-12 22:36 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-04-11 23:40 - 2018-03-12 22:35 - 006204416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-04-11 23:40 - 2018-03-12 22:34 - 002409984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-04-11 23:40 - 2018-03-12 22:34 - 000706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-04-11 23:40 - 2018-03-12 22:33 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-04-11 23:40 - 2018-03-12 22:32 - 002577408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-04-11 23:40 - 2018-03-12 22:32 - 001948672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-04-11 23:40 - 2018-03-12 22:31 - 001348608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-04-11 23:40 - 2018-03-12 22:31 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2018-04-11 23:40 - 2018-03-12 22:28 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-04-11 23:40 - 2018-03-12 22:26 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2018-04-11 23:40 - 2017-11-26 07:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-04-11 23:40 - 2017-11-26 05:12 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-04-09 21:48 - 2018-04-09 21:48 - 000000000 ____D C:\Users\songe\AppData\LocalLow\Adobe
2018-04-09 21:48 - 2018-04-09 21:48 - 000000000 ____D C:\Users\songe\AppData\Local\CEF
2018-04-09 19:45 - 2018-04-09 23:41 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-04-09 19:44 - 2018-04-09 23:42 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-04-09 19:44 - 2018-04-09 19:44 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2018-04-09 19:43 - 2018-04-09 21:49 - 000000000 ____D C:\ProgramData\Adobe
2018-04-09 19:43 - 2018-04-09 19:43 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-04-06 18:59 - 2018-04-06 18:59 - 000102983 _____ C:\Users\songe\Downloads\Connect Workshop Flyer.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-05 19:50 - 2017-09-16 22:05 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-05-05 17:47 - 2018-01-06 22:57 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA8BE191-1050-41F9-B70A-584B5F24C026}
2018-05-05 14:42 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-05 13:57 - 2018-01-06 22:57 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForsonge
2018-05-05 13:57 - 2017-09-18 09:56 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForsonge.job
2018-05-05 11:22 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-05 11:22 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-05 11:08 - 2018-01-06 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-03 08:20 - 2018-01-06 22:30 - 000000000 ____D C:\Users\songe\AppData\Local\Packages
2018-05-02 20:46 - 2017-09-16 20:46 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 20:46 - 2017-09-16 20:46 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-02 20:37 - 2018-01-06 22:57 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2895219947-52399620-1358840524-1001
2018-05-02 20:37 - 2017-09-16 20:12 - 000002370 _____ C:\Users\songe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-02 20:37 - 2017-09-16 20:12 - 000000000 ___RD C:\Users\songe\OneDrive
2018-04-29 20:18 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-04-29 20:17 - 2017-05-23 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-04-29 20:16 - 2017-05-23 11:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-25 21:58 - 2017-05-23 11:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-04-22 19:55 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\rescache
2018-04-16 21:14 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
2018-04-16 21:13 - 2018-01-06 22:28 - 001131568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-16 21:08 - 2018-01-08 15:58 - 000000000 ___RD C:\Users\songe\3D Objects
2018-04-16 21:08 - 2017-03-17 21:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-04-16 21:07 - 2017-09-16 19:59 - 000000000 __SHD C:\Users\songe\IntelGraphicsProfiles
2018-04-16 01:24 - 2018-01-06 22:20 - 000396560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-04-16 01:23 - 2018-01-06 22:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-16 01:23 - 2017-09-16 22:22 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-04-16 01:18 - 2017-09-29 02:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-04-12 08:56 - 2017-09-17 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-11 23:58 - 2017-10-11 22:11 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-11 23:58 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-11 23:58 - 2017-09-17 18:00 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-11 23:21 - 2018-01-06 22:57 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-04-11 23:21 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-04-11 23:20 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-04-09 21:48 - 2017-12-06 00:38 - 000000000 ____D C:\Users\songe\AppData\Local\Adobe
2018-04-09 21:48 - 2017-09-16 19:59 - 000000000 ____D C:\Users\songe\AppData\Roaming\Adobe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-22 19:48

==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.05.2018
Ran by songe (05-05-2018 19:55:53)
Running from C:\Users\songe\Downloads
Windows 10 Home Version 1709 16299.371 (X64) (2018-01-07 05:04:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2895219947-52399620-1358840524-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2895219947-52399620-1358840524-503 - Limited - Disabled)
Guest (S-1-5-21-2895219947-52399620-1358840524-501 - Limited - Disabled)
songe (S-1-5-21-2895219947-52399620-1358840524-1001 - Administrator - Enabled) => C:\Users\songe
WDAGUtilityAccount (S-1-5-21-2895219947-52399620-1358840524-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-c9ed4711-1b6f-4c6b-8f3d-adef2c58d28f) (Version: 3.0.2.48 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA442656}) (Version: 1.3.138.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.442656.138 - Comodo)
Dropbox (HKLM-x32\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.8.47.1 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A9BCF224-9E30-4BFD-8917-2990841F6A87}) (Version: 19.50.0 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden
Letter Quest - Grimm's Journey (HKLM-x32\...\WTA-7eaf260a-4e53-46b4-9383-a3bf7a3616c3) (Version: 3.0.2.118 - WildTangent) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9226.2114 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2895219947-52399620-1358840524-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mystika 2 (HKLM-x32\...\WTA-e5b14bce-4777-484d-8af2-cf7b8fbf5770) (Version: 1.1.2.4 - WildTangent) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Runefall (HKLM-x32\...\WTA-37102008-8636-4956-8257-58088279094b) (Version: 3.0.2.126 - WildTangent) Hidden
Sparkle 2 (HKLM-x32\...\WTA-2ce03d31-63c9-431a-8b6a-fe805a904b7b) (Version: 3.0.2.51 - WildTangent) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxDTCM.dll [2017-11-03] (Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C40D08-C53D-4089-ADC0-46D2F538FBD8} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {09CCAA6A-7495-47B7-BFE3-943E4BC9CE39} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {0F245120-7B51-49AD-A044-AF69FA4D156C} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
Task: {1FADCCB0-FB49-4757-9CAE-7C2F3B368300} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2017-01-12] (HP Development Company, L.P.)
Task: {2766C5B0-A6E7-4D5C-B8BA-78B52F21B707} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {2A9F20FD-E00B-473A-9DF4-D72FC059BF75} - System32\Tasks\HPCeeScheduleForsonge => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {33609C6D-3F53-47B4-936C-7AF54AC08449} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {35383491-FA9F-42EA-A709-8712CF6A99A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-23] (Microsoft Corporation)
Task: {41CD4323-4F8B-4DC3-A016-EB11718C5FF7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-29] (Microsoft Corporation)
Task: {602FD9BB-B6C0-4CF2-8DCD-503276105551} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {66C8E07D-4719-43EE-9068-2D895F840F32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {72884BD7-1C08-4143-98C0-195A2EF50184} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-16] (Google Inc.)
Task: {786756C2-0B25-49D7-9642-BA0CB4DD924D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)
Task: {79B54E7E-BC88-48F0-8DE2-B350390F004B} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {7A898AEC-5A73-4457-9614-528E87D8712A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN772290D0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {84406447-1EDC-48C5-8313-171913A573E9} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {8F0FEEC4-E151-4208-9D5F-0C7FB39B7341} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {90032862-CA94-4214-9CC2-0673C44202F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-03-07] (HP Inc.)
Task: {92C18554-831A-4766-BE0E-E2F7C61890D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {98CBA3B3-5BD3-40CA-84FB-DBC4A4EFF173} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-23] (Microsoft Corporation)
Task: {9B6840E8-5F1B-4C01-9379-63AFE59EE5F1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-16] (Dropbox, Inc.)
Task: {ACFE5FA1-2663-4923-9B9D-93DC7161F763} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-04-29] (Microsoft Corporation)
Task: {B0DA6426-033B-4929-885A-C9DCA2FA471D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-16] (Dropbox, Inc.)
Task: {B15AEE9F-2B91-4D71-9BB7-C801C3332DD5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_pepper.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {B9E4A4DB-56EF-4714-A073-E638027FBC46} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-13] (COMODO)
Task: {BA2FA811-59DA-4251-B68E-ACCA9BB3D1DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-16] (Google Inc.)
Task: {BC9C85FC-0E83-472C-BB60-F5817B053AD4} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {C30F670B-5981-4220-A854-6C0557F1D12F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {C7C293F2-F3B7-42D4-A358-BD07821DC880} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {DB3A0CD2-82FC-4A71-9196-7FB2F4424103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {DF57355D-C2C4-4A2B-8D68-9349BDF18EC9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-29] (Microsoft Corporation)
Task: {F6698FB9-6DFA-41BE-ACA7-204D04BE5119} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)
Task: {F741F3D8-CB9F-46A8-9258-AB818E0CEFC3} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {FA4C50B2-23EE-4AE9-9E2C-1CF7542AD084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {FBF11834-83F3-41EC-BEB4-F5AC74B11140} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-11] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForsonge.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-29 07:41 - 2017-09-29 07:41 - 000419840 _____ () c:\windows\system32\SSDM.dll
2017-08-29 06:57 - 2018-03-13 11:18 - 000160960 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-08-29 06:56 - 2018-03-13 11:17 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-08-29 06:56 - 2018-03-13 11:17 - 000244416 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-02-01 12:50 - 2017-02-01 12:50 - 000459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
2018-03-19 21:25 - 2018-02-21 18:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-19 21:24 - 2018-02-21 18:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-26 21:23 - 2018-04-26 21:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-05-02 20:46 - 2018-04-25 21:14 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libglesv2.dll
2018-05-02 20:46 - 2018-04-25 21:14 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libegl.dll
2017-07-20 17:03 - 2017-09-07 02:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2018-05-05 11:16 - 2018-05-05 11:17 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-05-05 11:16 - 2018-05-05 11:17 - 066466304 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2017-09-29 19:12 - 2017-09-29 19:13 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-03-29 21:51 - 2018-03-29 21:53 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 015563776 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 004018176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 003281920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 001386496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-04 14:24 - 2018-02-04 14:25 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000878080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-29 21:51 - 2018-03-29 21:53 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000165888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\SKU.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000038912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\ExploreModel.dll
2018-05-05 11:16 - 2018-05-05 11:17 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\ImageDecoding.dll
2018-02-21 16:21 - 2018-02-21 16:21 - 000153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\ac7f29387efc85060f3f967eed21ac95\BRIDGECommon.ni.dll
2018-02-21 16:24 - 2018-02-21 16:24 - 000326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\e8a150bf15a0467b2e89dd2be0ef7225\CleanStartController.ni.dll
2018-02-21 16:24 - 2018-02-21 16:24 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b7fbc3ebf83e8983de95b597d5e3c590\BridgeExtension.ni.dll
2018-04-25 21:56 - 2018-04-23 04:15 - 000866120 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-04-25 21:56 - 2018-04-23 04:15 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-04-11 23:23 - 2018-04-23 04:15 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-04-11 23:23 - 2018-04-23 04:16 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-04-25 21:56 - 2018-04-23 04:15 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-04-25 21:56 - 2018-04-23 04:15 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-04-11 23:23 - 2018-04-23 04:15 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-04-25 21:56 - 2018-04-23 04:15 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-04-25 21:56 - 2018-04-23 04:15 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-04-11 23:23 - 2018-04-23 04:16 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-04-11 23:23 - 2018-04-23 04:15 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-04-25 21:56 - 2018-04-23 04:15 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-04-25 21:56 - 2018-04-23 04:16 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-04-25 21:56 - 2018-04-23 04:15 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-04-11 23:23 - 2018-04-23 04:17 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-04-11 23:23 - 2018-04-23 04:17 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-04-25 21:56 - 2018-04-23 04:16 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-04-11 23:23 - 2018-04-23 04:17 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-04-11 23:23 - 2018-04-23 04:17 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2018-04-25 21:56 - 2018-04-23 04:16 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd
2017-05-23 11:13 - 2017-11-26 22:01 - 001452728 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\ClientTelemetry.dll
2017-05-23 11:11 - 2018-03-07 18:09 - 000294056 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\IEAWSDC.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 15:03 - 2017-03-18 15:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2895219947-52399620-1358840524-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\songe\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\spring-flowers-growing-1366x768-13141629.jpg
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==
 
Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

I don't see much here but let's double check.

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
RogueKiller V12.12.16.0 (x64) [May 4 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.16299) 64 bits version
Started in : Normal mode
User : songe [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 05/06/2018 22:50:11 (Duration : 00:38:47)
Switches : -refid

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 14 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2895219947-52399620-1358840524-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2895219947-52399620-1358840524-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://hp17win10.msn.com/?pc=HCTE -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b730547a-92ca-4653-b0c1-34d1cdba4996} | DhcpNameServer : 172.168.0.5 ([United States]) -> Replaced ()
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {CB5776D0-99DE-4DBE-9D12-7EAC652155F5} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\songe\AppData\Local\Temp\7zS478C\HP.EasyStart.exe|Name=HP EasyStart|Desc=Allow HP EasyStart| [x] -> Deleted

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000LM035-1RK172 +++++
--- User ---
[MBR] 5563ee86216a1c21e78cfa8297c1cea8
[BSP] 6a3125a7f090a24988d63ba5cae1a61d : Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 260 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 534528 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 567296 | Size: 939354 MB
3 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1924364288 | Size: 980 MB
4 - [SYSTEM] Basic data partition | Offset (sectors): 1926371328 | Size: 13252 MB
User = LL1 ... OK
User = LL2 ... OK
 
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/7/18
Scan Time: 12:17 AM
Log File: 6078e0f6-51be-11e8-b649-30e1713090e9.json
Administrator: Yes

-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.5014
License: Trial

-System Information-
OS: Windows 10 (Build 16299.371)
CPU: x64
File System: NTFS
User: DESKTOP-NSCE1AL\songe

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 284362
Threats Detected: 34
Threats Quarantined: 34
Time Elapsed: 3 min, 15 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 12
PUP.Optional.Spigot, C:\USERS\SONGE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\_locales\en, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\html\popup, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\_metadata, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\js\popup, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\_locales, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\newtab, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\html, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\css, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\js, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\USERS\SONGE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\AMPIBHEPIPJEIDADLNECKCJABGAFIGJA, Quarantined, [173], [449620],1.0.5014

File: 22
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja\000003.log, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja\CURRENT, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja\LOCK, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja\LOG, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja\LOG.old, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ampibhepipjeidadlneckcjabgafigja\MANIFEST-000001, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\USERS\SONGE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\USERS\SONGE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\USERS\SONGE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\AMPIBHEPIPJEIDADLNECKCJABGAFIGJA\6.8_0\MANIFEST.JSON, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\css\description.css, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\css\popup.css, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\html\popup\description.html, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\html\popup\popup.html, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\js\userNewTab.js, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\newtab\quicktab.html, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\_locales\en\messages.json, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\_metadata\verified_contents.json, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\after.js, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\background.js, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\chromeRestore.js, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\contentscript.js, Quarantined, [173], [449620],1.0.5014
PUP.Optional.Spigot, C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ampibhepipjeidadlneckcjabgafigja\6.8_0\icon.png, Quarantined, [173], [449620],1.0.5014

Physical Sector: 0
(No malicious items detected)


(end)
 
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-02.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-07-2018
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Ask
Not Deleted AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

  • Double click to run it.
  • Make sure you checkmark Addition.txt box.
  • Press Scan button.
  • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Ran by songe (12-05-2018 13:40:50)
Running from C:\Users\songe\Downloads
Windows 10 Home Version 1709 16299.431 (X64) (2018-01-07 05:04:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2895219947-52399620-1358840524-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2895219947-52399620-1358840524-503 - Limited - Disabled)
Guest (S-1-5-21-2895219947-52399620-1358840524-501 - Limited - Disabled)
songe (S-1-5-21-2895219947-52399620-1358840524-1001 - Administrator - Enabled) => C:\Users\songe
WDAGUtilityAccount (S-1-5-21-2895219947-52399620-1358840524-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: COMODO Antivirus (Enabled - Up to date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-c9ed4711-1b6f-4c6b-8f3d-adef2c58d28f) (Version: 3.0.2.48 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
COMODO Internet Security Premium (HKLM\...\{4F6FC44D-AE9F-472B-8F00-B8388BC9AA04}) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA442656}) (Version: 1.3.138.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.442656.138 - Comodo)
Dropbox (HKLM-x32\...\Dropbox) (Version: 49.4.68 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{20CC03C7-7B48-4130-B7FA-39BC128E3A9E}) (Version: 2.21.5 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.6.18.11 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.9.18.3 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.1.22 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A9BCF224-9E30-4BFD-8917-2990841F6A87}) (Version: 19.50.0 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden
Letter Quest - Grimm's Journey (HKLM-x32\...\WTA-7eaf260a-4e53-46b4-9383-a3bf7a3616c3) (Version: 3.0.2.118 - WildTangent) Hidden
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9226.2114 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2895219947-52399620-1358840524-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2895219947-52399620-1358840524-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018133259349\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mystika 2 (HKLM-x32\...\WTA-e5b14bce-4777-484d-8af2-cf7b8fbf5770) (Version: 1.1.2.4 - WildTangent) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9226.2114 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21296 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
RogueKiller version 12.12.16.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.16.0 - Adlice Software)
Runefall (HKLM-x32\...\WTA-37102008-8636-4956-8257-58088279094b) (Version: 3.0.2.126 - WildTangent) Hidden
Sparkle 2 (HKLM-x32\...\WTA-2ce03d31-63c9-431a-8b6a-fe805a904b7b) (Version: 3.0.2.51 - WildTangent) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.21.0.dll [2018-05-04] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxDTCM.dll [2017-11-03] (Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C40D08-C53D-4089-ADC0-46D2F538FBD8} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {09CCAA6A-7495-47B7-BFE3-943E4BC9CE39} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {0F245120-7B51-49AD-A044-AF69FA4D156C} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
Task: {1FADCCB0-FB49-4757-9CAE-7C2F3B368300} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2017-01-12] (HP Development Company, L.P.)
Task: {2766C5B0-A6E7-4D5C-B8BA-78B52F21B707} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {2A9F20FD-E00B-473A-9DF4-D72FC059BF75} - System32\Tasks\HPCeeScheduleForsonge => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {33609C6D-3F53-47B4-936C-7AF54AC08449} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {35383491-FA9F-42EA-A709-8712CF6A99A8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-23] (Microsoft Corporation)
Task: {41CD4323-4F8B-4DC3-A016-EB11718C5FF7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-29] (Microsoft Corporation)
Task: {602FD9BB-B6C0-4CF2-8DCD-503276105551} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {66C8E07D-4719-43EE-9068-2D895F840F32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {72884BD7-1C08-4143-98C0-195A2EF50184} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-16] (Google Inc.)
Task: {734D2852-A2CD-4F1A-96D5-9354A157FFB6} - System32\Tasks\SUPERAntiSpyware Scheduled Task f5e50bd1-a360-4818-81af-91fc5aefdf7a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {786756C2-0B25-49D7-9642-BA0CB4DD924D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-06] (HP Inc.)
Task: {79B54E7E-BC88-48F0-8DE2-B350390F004B} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {7A898AEC-5A73-4457-9614-528E87D8712A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN772290D0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {84406447-1EDC-48C5-8313-171913A573E9} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {8F0FEEC4-E151-4208-9D5F-0C7FB39B7341} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {90032862-CA94-4214-9CC2-0673C44202F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-03-07] (HP Inc.)
Task: {92C18554-831A-4766-BE0E-E2F7C61890D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {98CBA3B3-5BD3-40CA-84FB-DBC4A4EFF173} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-23] (Microsoft Corporation)
Task: {9B6840E8-5F1B-4C01-9379-63AFE59EE5F1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-16] (Dropbox, Inc.)
Task: {ACFE5FA1-2663-4923-9B9D-93DC7161F763} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-04-29] (Microsoft Corporation)
Task: {B0DA6426-033B-4929-885A-C9DCA2FA471D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-09-16] (Dropbox, Inc.)
Task: {B15AEE9F-2B91-4D71-9BB7-C801C3332DD5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {B9E4A4DB-56EF-4714-A073-E638027FBC46} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-13] (COMODO)
Task: {BA2FA811-59DA-4251-B68E-ACCA9BB3D1DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-16] (Google Inc.)
Task: {BC9C85FC-0E83-472C-BB60-F5817B053AD4} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {C30F670B-5981-4220-A854-6C0557F1D12F} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {C7C293F2-F3B7-42D4-A358-BD07821DC880} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {DB3A0CD2-82FC-4A71-9196-7FB2F4424103} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {DF57355D-C2C4-4A2B-8D68-9349BDF18EC9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-29] (Microsoft Corporation)
Task: {E8D356C2-4FE1-4E64-9612-C049329A00E4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 8f07549c-983a-4456-b80d-93c3e27566ce => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {F6698FB9-6DFA-41BE-ACA7-204D04BE5119} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)
Task: {F741F3D8-CB9F-46A8-9258-AB818E0CEFC3} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {FA4C50B2-23EE-4AE9-9E2C-1CF7542AD084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {FBF11834-83F3-41EC-BEB4-F5AC74B11140} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForsonge.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8f07549c-983a-4456-b80d-93c3e27566ce.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f5e50bd1-a360-4818-81af-91fc5aefdf7a.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-07 00:16 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-07 00:16 - 2018-03-27 13:47 - 002492704 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-08-29 06:57 - 2018-03-13 11:18 - 000160960 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2017-08-29 06:56 - 2018-03-13 11:17 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2017-08-29 06:56 - 2018-03-13 11:17 - 000244416 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-07-20 17:03 - 2017-09-07 02:39 - 000073920 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-02-01 12:50 - 2017-02-01 12:50 - 000459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
2018-03-19 21:25 - 2018-02-21 18:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-19 21:24 - 2018-02-21 18:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-26 21:23 - 2018-04-26 21:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-04-26 21:23 - 2018-04-26 21:24 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-05-02 20:46 - 2018-04-25 21:14 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libglesv2.dll
2018-05-02 20:46 - 2018-04-25 21:14 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libegl.dll
2018-05-09 22:07 - 2018-05-04 12:06 - 000863048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-05-09 22:07 - 2018-05-04 12:06 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-09 22:09 - 2018-05-04 12:04 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-05-09 22:08 - 2018-05-04 12:09 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-05-09 22:09 - 2018-05-04 12:04 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-05-09 22:09 - 2018-05-04 12:04 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-05-09 22:08 - 2018-05-04 12:06 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-05-09 22:08 - 2018-05-04 12:04 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-05-09 22:07 - 2018-05-04 12:08 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-05-09 22:07 - 2018-05-04 12:08 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-05-09 22:08 - 2018-05-04 12:06 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-05-09 22:08 - 2018-05-04 12:04 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-05-09 22:07 - 2018-05-04 12:04 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-05-09 22:08 - 2018-05-04 12:09 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-05-09 22:08 - 2018-05-04 12:04 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-05-09 22:09 - 2018-05-04 12:04 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-05-09 22:07 - 2018-05-04 12:08 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-05-09 22:07 - 2018-05-04 12:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-09 22:07 - 2018-05-04 12:07 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-05-09 22:07 - 2018-05-04 12:06 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-05-09 22:09 - 2018-05-04 12:09 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-05-09 22:07 - 2018-05-04 12:07 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-09 22:08 - 2018-05-04 12:09 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-05-09 22:07 - 2018-05-04 12:08 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-05-09 22:07 - 2018-05-04 12:08 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-09 22:09 - 2018-05-04 12:09 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-05-09 22:09 - 2018-05-04 12:09 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-05-09 22:08 - 2018-05-04 12:08 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
Ran by songe (administrator) on DESKTOP-NSCE1AL (12-05-2018 13:35:54)
Running from C:\Users\songe\Downloads
Loaded Profiles: songe & (Available Profiles: songe)
Platform: Windows 10 Home Version 1709 16299.431 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHDCPSvc.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(COMODO) C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxEM.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.428_none_1704c21831ffb4a8\TiWorker.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.9226.2126\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\internet explorer\ielowutil.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-04-06] (Realtek Semiconductor)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2208448 2018-03-13] (COMODO)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8511152 2018-03-06] (COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-04] (Dropbox, Inc.)
HKU\S-1-5-21-2895219947-52399620-1358840524-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (SUPERAntiSpyware)
HKU\S-1-5-21-2895219947-52399620-1358840524-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018133259349\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [8887216 2018-03-22] (SUPERAntiSpyware)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{b3ec2d44-eace-4383-b00f-2dacc9f81f69}: [DhcpNameServer] 192.168.0.1 205.171.2.25

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2895219947-52399620-1358840524-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2895219947-52399620-1358840524-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018133259349\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2895219947-52399620-1358840524-1001 -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2895219947-52399620-1358840524-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05122018133259349 -> {1C9A15F2-CD0A-4D1D-A66A-364C58CCFB87} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2018-03-06] (COMODO)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc.)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2018-03-06] (COMODO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-29] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-11-22] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default [2018-05-12]
CHR Extension: (Slides) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Docs) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-16]
CHR Extension: (YouTube) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (Adobe Acrobat) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-04-10]
CHR Extension: (Sheets) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Google Docs Offline) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-16]
CHR Extension: (Chrome Media Router) - C:\Users\songe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8566440 2018-04-23] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11395096 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2018-03-13] (COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4199088 2018-03-06] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-16] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-16] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-05-04] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2218552 2017-03-17] (Intel Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-11-22] (WildTangent)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
S2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc.)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324600 2017-04-06] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [44056 2018-02-01] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [830448 2018-02-01] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50768 2018-02-01] (COMODO)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72584 2017-03-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67976 2017-03-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355208 2017-03-17] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76192 2018-03-19] ()
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [174600 2017-04-13] (Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [133896 2018-02-01] (COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63200 2017-12-12] (COMODO)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [143984 2016-09-19] (Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193768 2018-05-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-05-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-05-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-05-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102112 2018-05-12] (Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7647232 2017-10-17] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-03-31] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [781792 2017-03-13] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-03-31] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [42000 2017-03-31] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-10 21:17 - 2018-05-01 15:25 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-10 21:17 - 2018-05-01 15:25 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-10 20:48 - 2018-05-10 20:48 - 002429977 _____ C:\Users\songe\Downloads\FRBA Summer BB Camp 2018 flyer.pptx
2018-05-09 22:45 - 2018-04-15 15:25 - 001430768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2018-05-09 22:45 - 2018-04-15 14:04 - 001342464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2018-05-09 22:45 - 2018-04-15 14:03 - 002628608 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 22:45 - 2018-04-15 14:02 - 001669120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-05-09 22:44 - 2018-05-03 01:57 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 22:44 - 2018-05-03 01:43 - 000373664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 22:44 - 2018-05-03 01:37 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-09 22:44 - 2018-05-03 01:37 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-09 22:44 - 2018-05-03 01:36 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 22:44 - 2018-05-03 01:36 - 000437664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-05-09 22:44 - 2018-05-03 00:31 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 22:44 - 2018-05-03 00:26 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-05-09 22:44 - 2018-05-03 00:19 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 22:44 - 2018-05-03 00:18 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 22:44 - 2018-05-03 00:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-05-09 22:44 - 2018-05-03 00:16 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 22:44 - 2018-05-03 00:16 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 22:44 - 2018-05-03 00:16 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-05-09 22:44 - 2018-05-03 00:16 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 22:44 - 2018-05-03 00:15 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 22:44 - 2018-05-03 00:12 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-05-09 22:44 - 2018-05-03 00:11 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 22:44 - 2018-05-03 00:09 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 22:44 - 2018-05-03 00:09 - 003405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 22:44 - 2018-05-03 00:09 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 22:44 - 2018-05-03 00:07 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 22:44 - 2018-05-03 00:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2018-05-09 22:44 - 2018-05-03 00:00 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 22:44 - 2018-05-03 00:00 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-05-09 22:44 - 2018-05-03 00:00 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-05-09 22:44 - 2018-05-02 23:59 - 018924544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 22:44 - 2018-05-02 23:58 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 22:44 - 2018-05-02 23:57 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 22:44 - 2018-05-02 23:57 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 22:44 - 2018-05-02 23:57 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-05-09 22:44 - 2018-05-02 23:56 - 002677248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 22:44 - 2018-05-02 23:56 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-05-09 22:44 - 2018-05-02 23:56 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-05-09 22:44 - 2018-05-02 23:55 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 22:44 - 2018-05-02 23:54 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-05-09 22:44 - 2018-05-02 23:53 - 006060544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 22:44 - 2018-05-02 23:53 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 22:44 - 2018-05-02 23:52 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 22:44 - 2018-05-02 23:52 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 22:44 - 2018-05-02 23:52 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 22:44 - 2018-05-02 23:51 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 22:44 - 2018-05-02 23:51 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 22:44 - 2018-05-02 23:48 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-05-09 22:44 - 2018-04-15 16:04 - 000779952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-05-09 22:44 - 2018-04-15 16:03 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-05-09 22:44 - 2018-04-15 15:57 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-05-09 22:44 - 2018-04-15 15:49 - 001954056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-05-09 22:44 - 2018-04-15 15:49 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-05-09 22:44 - 2018-04-15 15:47 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2018-05-09 22:44 - 2018-04-15 15:34 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-05-09 22:44 - 2018-04-15 15:33 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-05-09 22:44 - 2018-04-15 15:32 - 001416392 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-05-09 22:44 - 2018-04-15 15:26 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-09 22:44 - 2018-04-15 14:47 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-05-09 22:44 - 2018-04-15 14:47 - 001615712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-05-09 22:44 - 2018-04-15 14:47 - 001490856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-05-09 22:44 - 2018-04-15 14:47 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 22:44 - 2018-04-15 14:47 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-05-09 22:44 - 2018-04-15 14:47 - 000311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2018-05-09 22:44 - 2018-04-15 14:38 - 001123464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-05-09 22:44 - 2018-04-15 14:34 - 006482664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-09 22:44 - 2018-04-15 14:15 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-05-09 22:44 - 2018-04-15 14:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-05-09 22:44 - 2018-04-15 14:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-05-09 22:44 - 2018-04-15 14:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-05-09 22:44 - 2018-04-15 14:14 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-05-09 22:44 - 2018-04-15 14:12 - 017160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-09 22:44 - 2018-04-15 14:12 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-05-09 22:44 - 2018-04-15 14:12 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-05-09 22:44 - 2018-04-15 14:10 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 22:44 - 2018-04-15 14:08 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 22:44 - 2018-04-15 14:08 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 22:44 - 2018-04-15 14:08 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 22:44 - 2018-04-15 14:07 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 22:44 - 2018-04-15 14:07 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2018-05-09 22:44 - 2018-04-15 14:07 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2018-05-09 22:44 - 2018-04-15 14:07 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-05-09 22:44 - 2018-04-15 14:06 - 011924480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 22:44 - 2018-04-15 14:06 - 000820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2018-05-09 22:44 - 2018-04-15 14:06 - 000377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-05-09 22:44 - 2018-04-15 14:05 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-05-09 22:44 - 2018-04-15 14:04 - 002523136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2018-05-09 22:44 - 2018-04-15 14:04 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 22:44 - 2018-04-15 14:04 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-05-09 22:44 - 2018-04-15 14:03 - 002741248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-05-09 22:44 - 2018-04-15 14:03 - 002413568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2018-05-09 22:44 - 2018-04-15 14:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-05-09 22:44 - 2018-04-15 14:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-05-09 22:44 - 2018-04-15 14:00 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-05-09 22:44 - 2018-04-15 14:00 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-05-09 22:43 - 2018-05-03 01:51 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 22:43 - 2018-05-03 01:50 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 22:43 - 2018-05-03 01:48 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 22:43 - 2018-05-03 01:47 - 008600472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 22:43 - 2018-05-03 01:45 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 22:43 - 2018-05-03 01:38 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 22:43 - 2018-05-03 01:36 - 000247200 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-05-09 22:43 - 2018-05-03 01:32 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-05-09 22:43 - 2018-05-03 00:36 - 025254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 22:43 - 2018-05-03 00:29 - 000285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-05-09 22:43 - 2018-05-03 00:28 - 000061024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-05-09 22:43 - 2018-05-03 00:18 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-05-09 22:43 - 2018-05-03 00:18 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-05-09 22:43 - 2018-05-03 00:16 - 023674880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 22:43 - 2018-05-03 00:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2018-05-09 22:43 - 2018-05-03 00:14 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 22:43 - 2018-05-03 00:14 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-05-09 22:43 - 2018-05-03 00:13 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-05-09 22:43 - 2018-05-03 00:12 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 22:43 - 2018-05-03 00:12 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-05-09 22:43 - 2018-05-03 00:09 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 22:43 - 2018-05-03 00:09 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 22:43 - 2018-05-03 00:09 - 002784256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 22:43 - 2018-05-03 00:09 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 22:43 - 2018-05-03 00:08 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 22:43 - 2018-05-03 00:08 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 22:43 - 2018-05-03 00:05 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-05-09 22:43 - 2018-05-03 00:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-05-09 22:43 - 2018-05-02 23:50 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 22:43 - 2018-04-15 15:51 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-05-09 22:43 - 2018-04-15 15:50 - 001925760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-09 22:43 - 2018-04-15 15:48 - 001638424 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 22:43 - 2018-04-15 15:38 - 000979360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-05-09 22:43 - 2018-04-15 15:29 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-09 22:43 - 2018-04-15 15:23 - 001101208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-05-09 22:43 - 2018-04-15 14:47 - 001323336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-05-09 22:43 - 2018-04-15 14:37 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-05-09 22:43 - 2018-04-15 14:34 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-05-09 22:43 - 2018-04-15 14:16 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-05-09 22:43 - 2018-04-15 14:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-05-09 22:43 - 2018-04-15 14:13 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-05-09 22:43 - 2018-04-15 14:10 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-05-09 22:43 - 2018-04-15 14:10 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-05-09 22:43 - 2018-04-15 14:09 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2018-05-09 22:43 - 2018-04-15 14:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2018-05-09 22:43 - 2018-04-15 14:07 - 012689920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 22:43 - 2018-04-15 14:07 - 008031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 22:43 - 2018-04-15 14:07 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-05-09 22:43 - 2018-04-15 14:07 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2018-05-09 22:43 - 2018-04-15 14:06 - 013660672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 22:43 - 2018-04-15 14:06 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2018-05-09 22:43 - 2018-04-15 14:05 - 004113408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-05-09 22:43 - 2018-04-15 14:05 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2018-05-09 22:43 - 2018-04-15 14:04 - 012833280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 22:43 - 2018-04-15 14:04 - 001236480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-05-09 22:43 - 2018-04-15 14:04 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2018-05-09 22:43 - 2018-04-15 14:04 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2018-05-09 22:43 - 2018-04-15 14:04 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 004248064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 003287040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 002976256 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-05-09 22:43 - 2018-04-15 14:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2018-05-09 22:43 - 2018-04-15 14:03 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2018-05-09 22:43 - 2018-04-15 14:02 - 004814336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-09 22:43 - 2018-04-15 14:02 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2018-05-09 22:42 - 2018-05-03 01:48 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-05-09 22:42 - 2018-05-03 01:36 - 007675792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 22:42 - 2018-05-03 01:35 - 000358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-09 22:42 - 2018-05-03 01:34 - 021356824 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 22:42 - 2018-05-03 01:34 - 000070864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-05-09 22:42 - 2018-05-03 00:31 - 006092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 22:42 - 2018-05-03 00:25 - 020290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 22:42 - 2018-05-03 00:17 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-05-09 22:42 - 2018-05-03 00:16 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 22:42 - 2018-05-03 00:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-05-09 22:42 - 2018-05-02 23:58 - 006467072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-05-09 22:42 - 2018-05-02 23:57 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 22:42 - 2018-04-15 16:07 - 001463344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-05-09 22:42 - 2018-04-15 15:48 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-05-09 22:42 - 2018-04-15 15:32 - 003904296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-05-09 22:42 - 2018-04-15 15:28 - 000688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 22:42 - 2018-04-15 14:38 - 003485392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-05-09 22:42 - 2018-04-15 14:10 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-05-09 22:42 - 2018-04-15 14:08 - 000859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2018-05-09 22:42 - 2018-04-15 14:08 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2018-05-09 22:42 - 2018-04-15 14:07 - 003367936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2018-05-09 22:42 - 2018-04-15 14:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-09 22:42 - 2018-04-15 14:07 - 000792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-05-09 22:42 - 2018-04-15 14:07 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-05-09 22:42 - 2018-04-15 14:06 - 000721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-05-09 22:42 - 2018-04-15 14:05 - 000863744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2018-05-09 22:42 - 2018-04-15 14:04 - 002209280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-09 22:42 - 2018-04-15 14:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2018-05-09 22:42 - 2018-04-15 14:04 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2018-05-09 22:42 - 2018-04-15 14:04 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2018-05-09 22:42 - 2018-04-15 14:04 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2018-05-09 22:42 - 2018-04-15 14:03 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-05-09 22:42 - 2018-04-15 14:03 - 002814976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-05-09 22:42 - 2018-04-15 14:03 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2018-05-09 22:42 - 2018-04-15 14:01 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-05-09 22:42 - 2018-04-15 14:00 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-05-09 22:42 - 2018-04-15 13:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2018-05-09 22:41 - 2018-05-03 01:56 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-09 22:41 - 2018-05-03 01:56 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-09 22:41 - 2018-05-03 01:54 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-05-09 22:41 - 2018-05-03 01:54 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-05-09 22:41 - 2018-05-03 01:53 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 22:41 - 2018-05-03 01:52 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-05-09 22:41 - 2018-05-03 01:52 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 22:41 - 2018-05-03 01:52 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-05-09 22:41 - 2018-05-03 01:50 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-05-09 22:41 - 2018-05-03 01:50 - 000423328 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-05-09 22:41 - 2018-05-03 01:50 - 000069536 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-05-09 22:41 - 2018-05-03 01:49 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-05-09 22:41 - 2018-05-03 01:48 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-05-09 22:41 - 2018-05-03 01:47 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 22:41 - 2018-05-03 01:45 - 000711936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-09 22:41 - 2018-05-03 01:41 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-05-09 22:41 - 2018-05-03 01:35 - 002472864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-05-09 22:41 - 2018-05-03 00:19 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-05-09 22:41 - 2018-05-03 00:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 22:41 - 2018-05-03 00:18 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-05-09 22:41 - 2018-04-15 15:38 - 003180720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-05-09 22:41 - 2018-04-15 15:30 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-05-09 22:41 - 2018-04-15 15:26 - 002711176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-09 22:41 - 2018-04-15 15:26 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-05-09 22:41 - 2018-04-15 14:35 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-05-09 22:41 - 2018-04-15 14:34 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-05-09 22:41 - 2018-04-15 14:34 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-05-09 22:41 - 2018-04-15 14:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2018-05-09 22:41 - 2018-04-15 14:11 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-05-09 22:41 - 2018-04-15 14:09 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_User.dll
2018-05-09 22:41 - 2018-04-15 14:07 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-05-09 22:41 - 2018-04-15 14:07 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-05-09 22:41 - 2018-04-15 14:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2018-05-09 22:41 - 2018-04-15 14:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2018-05-09 22:41 - 2018-04-15 14:05 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2018-05-09 22:41 - 2018-04-15 14:04 - 002490880 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2018-05-09 22:41 - 2018-04-15 14:04 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2018-05-09 22:41 - 2018-04-15 14:03 - 003177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 22:41 - 2018-04-15 14:03 - 002462208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2018-05-09 22:41 - 2018-04-15 14:03 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2018-05-09 22:41 - 2018-04-15 14:00 - 002223616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-05-09 22:40 - 2018-05-03 01:53 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-09 22:40 - 2018-05-03 01:48 - 000793960 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 22:40 - 2018-05-03 01:43 - 000702568 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2018-05-09 22:40 - 2018-05-03 00:44 - 000595448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2018-05-09 22:40 - 2018-05-03 00:43 - 000594056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 22:40 - 2018-05-03 00:39 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-05-09 22:40 - 2018-05-03 00:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-05-09 22:40 - 2018-05-03 00:16 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 22:40 - 2018-05-03 00:14 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-05-09 22:40 - 2018-05-03 00:13 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-05-09 22:40 - 2018-05-03 00:12 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 22:40 - 2018-05-03 00:09 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 22:40 - 2018-05-03 00:09 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 22:40 - 2018-05-03 00:09 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-05-09 22:40 - 2018-05-03 00:05 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 22:40 - 2018-05-02 23:53 - 007813120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 22:40 - 2018-05-02 23:48 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 22:40 - 2018-05-02 23:47 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-05-09 22:40 - 2018-04-15 15:49 - 000563632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-05-09 22:40 - 2018-04-15 15:33 - 001269616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-05-09 22:40 - 2018-04-15 15:29 - 001873944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2018-05-09 22:40 - 2018-04-15 15:25 - 000661920 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2018-05-09 22:40 - 2018-04-15 14:36 - 002386832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-05-09 22:40 - 2018-04-15 14:36 - 001575896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2018-05-09 22:40 - 2018-04-15 14:36 - 000832648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-05-09 22:40 - 2018-04-15 14:36 - 000543920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 22:40 - 2018-04-15 14:34 - 000077552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2018-05-09 22:40 - 2018-04-15 14:14 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-05-09 22:40 - 2018-04-15 14:12 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-05-09 22:40 - 2018-04-15 14:11 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-05-09 22:40 - 2018-04-15 14:10 - 001576960 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-05-09 22:40 - 2018-04-15 14:10 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-05-09 22:40 - 2018-04-15 14:10 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-05-09 22:40 - 2018-04-15 14:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-05-09 22:40 - 2018-04-15 14:08 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-05-09 22:40 - 2018-04-15 14:08 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2018-05-09 22:40 - 2018-04-15 14:08 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-05-09 22:40 - 2018-04-15 14:07 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-05-09 22:40 - 2018-04-15 14:07 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2018-05-09 22:40 - 2018-04-15 14:06 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-05-09 22:40 - 2018-04-15 14:05 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-05-09 22:40 - 2018-04-15 14:04 - 000997376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-05-09 22:40 - 2018-04-15 14:04 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-05-09 22:40 - 2018-04-15 14:04 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-05-09 22:40 - 2018-04-15 14:03 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-05-09 22:40 - 2018-04-15 14:03 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-05-09 22:40 - 2018-04-15 14:01 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2018-05-09 22:40 - 2018-04-15 14:01 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-05-09 22:40 - 2018-04-15 14:01 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2018-05-09 22:40 - 2018-04-15 14:00 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2018-05-09 22:40 - 2018-04-15 14:00 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2018-05-09 22:40 - 2017-11-26 07:26 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-05-09 22:39 - 2018-05-03 00:16 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-05-09 22:39 - 2018-05-03 00:06 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-05-09 22:39 - 2018-05-03 00:05 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2018-05-09 22:39 - 2018-05-02 23:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-05-09 22:39 - 2018-05-02 23:57 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 22:39 - 2018-05-02 23:53 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 22:39 - 2018-05-02 23:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 22:39 - 2018-05-02 23:49 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-05-09 22:39 - 2018-05-02 23:48 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2018-05-09 22:39 - 2018-04-15 15:29 - 000198440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2018-05-09 22:39 - 2018-04-15 15:25 - 000327008 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2018-05-09 22:39 - 2018-04-15 15:25 - 000092032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2018-05-09 22:39 - 2018-04-15 15:24 - 000063656 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2018-05-09 22:39 - 2018-04-15 14:38 - 000444280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-05-09 22:39 - 2018-04-15 14:34 - 000572312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2018-05-09 22:39 - 2018-04-15 14:34 - 000279472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2018-05-09 22:39 - 2018-04-15 14:34 - 000166408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2018-05-09 22:39 - 2018-04-15 14:34 - 000052248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2018-05-09 22:39 - 2018-04-15 14:15 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2018-05-09 22:39 - 2018-04-15 14:14 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-05-09 22:39 - 2018-04-15 14:14 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-05-09 22:39 - 2018-04-15 14:11 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-05-09 22:39 - 2018-04-15 14:11 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2018-05-09 22:39 - 2018-04-15 14:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2018-05-09 22:39 - 2018-04-15 14:10 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-05-09 22:39 - 2018-04-15 14:10 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-05-09 22:39 - 2018-04-15 14:10 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-05-09 22:39 - 2018-04-15 14:08 - 000627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2018-05-09 22:39 - 2018-04-15 14:08 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2018-05-09 22:39 - 2018-04-15 14:08 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2018-05-09 22:39 - 2018-04-15 14:08 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2018-05-09 22:39 - 2018-04-15 14:08 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-05-09 22:39 - 2018-04-15 14:07 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-05-09 22:39 - 2018-04-15 14:07 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-05-09 22:39 - 2018-04-15 14:07 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-05-09 22:39 - 2018-04-15 14:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-05-09 22:39 - 2018-04-15 14:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2018-05-09 22:39 - 2018-04-15 14:04 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-05-09 22:39 - 2018-04-15 14:02 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-05-09 22:39 - 2018-04-15 13:58 - 001472000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2018-05-09 22:38 - 2018-05-03 00:15 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\itircl.dll
2018-05-09 22:38 - 2018-05-03 00:03 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-05-09 22:38 - 2018-05-03 00:03 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-05-09 22:38 - 2018-05-02 23:57 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itircl.dll
2018-05-09 22:38 - 2018-04-15 14:14 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-05-09 22:38 - 2018-04-15 14:13 - 000084992 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-05-09 22:38 - 2018-04-15 14:12 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2018-05-09 22:38 - 2018-04-15 14:11 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2018-05-09 22:38 - 2018-04-15 14:11 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2018-05-09 22:38 - 2018-04-15 14:11 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-05-09 22:38 - 2018-04-15 14:10 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-05-09 22:38 - 2018-04-15 14:10 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2018-05-09 22:38 - 2018-04-15 14:10 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2018-05-09 22:38 - 2018-04-15 14:09 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-05-09 22:38 - 2018-04-15 14:09 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2018-05-09 22:38 - 2018-04-15 14:09 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2018-05-09 22:38 - 2018-04-15 14:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2018-05-09 22:38 - 2018-04-15 14:07 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-05-09 22:38 - 2018-04-15 14:07 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-05-09 22:38 - 2018-04-15 14:07 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2018-05-09 22:38 - 2018-04-15 14:06 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2018-05-09 22:38 - 2018-04-15 14:05 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-05-09 22:38 - 2018-04-15 14:03 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-05-09 22:38 - 2018-04-15 14:01 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-05-09 22:38 - 2018-04-15 14:01 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2018-05-09 22:38 - 2018-04-15 14:00 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-05-09 22:38 - 2018-04-15 14:00 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2018-05-09 22:38 - 2018-04-15 14:00 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2018-05-09 22:38 - 2018-04-15 14:00 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-05-09 22:38 - 2018-04-15 14:00 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-05-09 22:38 - 2018-04-15 14:00 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2018-05-09 22:38 - 2018-04-15 13:59 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2018-05-09 22:38 - 2018-04-15 13:59 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-05-09 22:09 - 2018-05-09 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-07 00:38 - 2018-05-07 00:38 - 000000000 ___HD C:\ProgramData\temp
2018-05-07 00:32 - 2018-05-07 00:36 - 000000000 ____D C:\AdwCleaner
2018-05-07 00:32 - 2018-05-07 00:32 - 007271632 _____ (Malwarebytes) C:\Users\songe\Downloads\AdwCleaner.exe
2018-05-07 00:24 - 2018-05-07 00:24 - 000007351 _____ C:\Users\songe\Documents\mbam.txt
2018-05-07 00:17 - 2018-05-12 13:32 - 000102112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-05-07 00:17 - 2018-05-10 21:16 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-05-07 00:17 - 2018-05-10 21:16 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-05-07 00:17 - 2018-05-07 00:17 - 000193768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-05-07 00:16 - 2018-05-10 21:16 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-05-07 00:16 - 2018-05-07 00:16 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-07 00:16 - 2018-05-07 00:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-07 00:16 - 2018-05-07 00:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-07 00:16 - 2018-05-07 00:16 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-07 00:16 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-05-06 23:46 - 2018-05-06 23:46 - 073524488 _____ (Malwarebytes ) C:\Users\songe\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.5006.exe
2018-05-06 22:50 - 2018-05-06 22:50 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-05-06 22:48 - 2018-05-07 00:17 - 000000000 ____D C:\ProgramData\RogueKiller
2018-05-06 22:48 - 2018-05-06 22:48 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-05-06 22:48 - 2018-05-06 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-05-06 22:48 - 2018-05-06 22:48 - 000000000 ____D C:\Program Files\RogueKiller
2018-05-06 22:34 - 2018-05-06 22:34 - 036639176 _____ (Adlice Software ) C:\Users\songe\Downloads\RogueKiller_setup_ref3.exe
2018-05-05 20:05 - 2018-05-07 00:38 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task f5e50bd1-a360-4818-81af-91fc5aefdf7a.job
2018-05-05 20:05 - 2018-05-07 00:38 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8f07549c-983a-4456-b80d-93c3e27566ce.job
2018-05-05 20:05 - 2018-05-05 20:05 - 000003782 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task f5e50bd1-a360-4818-81af-91fc5aefdf7a
2018-05-05 20:05 - 2018-05-05 20:05 - 000003700 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 8f07549c-983a-4456-b80d-93c3e27566ce
2018-05-05 20:04 - 2018-05-05 20:05 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2018-05-05 20:04 - 2018-05-05 20:04 - 000001856 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2018-05-05 20:04 - 2018-05-05 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2018-05-05 19:55 - 2018-05-05 19:57 - 000053156 _____ C:\Users\songe\Downloads\Addition.txt
2018-05-05 19:53 - 2018-05-12 13:38 - 000021050 _____ C:\Users\songe\Downloads\FRST.txt
2018-05-05 19:53 - 2018-05-12 13:35 - 000000000 ____D C:\Users\songe\Downloads\FRST-OlderVersion
2018-05-05 19:52 - 2018-05-12 13:35 - 002404864 _____ (Farbar) C:\Users\songe\Downloads\FRST64.exe
2018-05-05 19:52 - 2018-05-12 13:35 - 000000000 ____D C:\FRST
2018-05-04 12:06 - 2018-05-04 12:06 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-05-04 12:06 - 2018-05-04 12:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-05-04 12:06 - 2018-05-04 12:06 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-05-04 12:06 - 2018-05-04 12:06 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-05-03 08:34 - 2018-05-03 08:34 - 000000000 ____D C:\Users\songe\AppData\Local\ElevatedDiagnostics
2018-04-30 00:32 - 2018-05-07 00:35 - 000025896 _____ C:\Users\songe\Documents\Transcript.xlsx
2018-04-25 21:57 - 2018-04-25 21:57 - 000675401 _____ C:\Users\songe\Downloads\flyer (7).pdf
2018-04-19 10:39 - 2018-04-19 10:39 - 000011342 _____ C:\Users\songe\Downloads\3-1 TO 4-12 2018.xlsx
2018-04-15 21:30 - 2018-04-15 21:30 - 000031162 _____ C:\Users\songe\Downloads\The 80-20 Rule.pdf
2018-04-15 21:28 - 2018-04-15 21:28 - 000061982 _____ C:\Users\songe\Downloads\See Goal SMASH Goal.pdf
2018-04-15 21:26 - 2018-04-15 21:26 - 001914380 _____ C:\Users\songe\Downloads\Wake Up Do This!.pdf
2018-04-15 21:22 - 2018-04-15 21:22 - 000058167 _____ C:\Users\songe\Downloads\Parkinsons Law.pdf
2018-04-12 10:48 - 2018-04-12 10:48 - 000012912 _____ C:\Users\songe\Downloads\athlete_warm_up_jacket_2017_2018_results (3) (1).xlsx
2018-04-12 10:47 - 2018-04-12 10:47 - 000010969 _____ C:\Users\songe\Downloads\soccer warm up jacket order 2018.xlsx
 
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-12 13:37 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-12 13:35 - 2018-01-06 22:57 - 000004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA8BE191-1050-41F9-B70A-584B5F24C026}
2018-05-12 13:35 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-12 13:33 - 2017-09-16 22:05 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2018-05-12 13:31 - 2018-01-06 22:28 - 001174660 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-12 13:29 - 2018-01-06 22:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-10 21:20 - 2017-09-29 07:44 - 000000000 ____D C:\WINDOWS\INF
2018-05-10 21:19 - 2018-01-08 15:58 - 000000000 ___RD C:\Users\songe\3D Objects
2018-05-10 21:19 - 2017-03-17 21:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-10 21:18 - 2017-09-16 19:59 - 000000000 __SHD C:\Users\songe\IntelGraphicsProfiles
2018-05-10 21:16 - 2018-01-06 22:20 - 000396560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-10 21:15 - 2018-01-06 22:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-10 21:15 - 2017-09-18 09:56 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForsonge.job
2018-05-10 21:14 - 2017-09-29 02:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-05-10 21:11 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-10 21:11 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-10 21:11 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-10 21:11 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-10 21:11 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-05-10 21:11 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-10 21:11 - 2017-09-29 02:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-10 21:10 - 2017-09-29 07:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-10 20:49 - 2018-01-06 22:30 - 000000000 ____D C:\Users\songe\AppData\Local\Packages
2018-05-10 20:13 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\rescache
2018-05-10 20:01 - 2017-09-29 07:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-10 19:57 - 2018-01-06 22:57 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForsonge
2018-05-10 19:49 - 2017-09-17 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-10 19:44 - 2017-10-11 22:11 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-10 19:43 - 2017-09-17 18:00 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-10 18:38 - 2017-09-29 07:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-09 23:10 - 2017-09-29 07:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2018-05-09 23:08 - 2017-09-29 07:41 - 000073112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-05-09 23:08 - 2017-09-29 07:41 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2018-05-09 23:07 - 2017-09-29 07:41 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2018-05-09 22:11 - 2017-05-23 11:10 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-08 09:43 - 2018-01-06 22:57 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-05-08 09:43 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-08 09:43 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-06 23:28 - 2017-03-18 15:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-02 20:46 - 2017-09-16 20:46 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-02 20:46 - 2017-09-16 20:46 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-02 20:37 - 2018-01-06 22:57 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2895219947-52399620-1358840524-1001
2018-05-02 20:37 - 2017-09-16 20:12 - 000002370 _____ C:\Users\songe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-02 20:37 - 2017-09-16 20:12 - 000000000 ___RD C:\Users\songe\OneDrive
2018-04-29 20:18 - 2017-09-29 07:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-04-29 20:17 - 2017-05-23 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2018-04-29 20:16 - 2017-05-23 11:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-04-16 01:16 - 2017-09-29 07:46 - 000000000 ____D C:\WINDOWS\system32\appraiser

Some files in TEMP:
====================
2018-05-06 22:48 - 2018-03-13 01:02 - 001954048 _____ (Microsoft Corporation) C:\Users\songe\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-05 21:01

==================== End of FRST.txt ============================
 
Those are clean.

Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:
  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center
  • Windows Update
  • Windows Defender
  • Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.


redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


redtarget.gif
Download Sophos Free Virus Removal Tool and save it to your desktop.
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
 
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
Malwarebytes
COMODO Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome (66.0.3359.139)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Comodo Firewall cmdagent.exe
Malwarebytes Anti-Malware mbamtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
 
Farbar Service Scanner Version: 27-01-2016
Ran by songe (administrator) on 15-05-2018 at 19:05:26
Running from "C:\Users\songe\Downloads"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
 
Your computer is clean

1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
51a5ce45263de-delfix.png
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.

2. Make sure Windows Updates are current.

3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC) and AdwCleaner weekly (you need to redownload these tools since they were removed by DelFix).

7. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

8. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

9. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642

10. Please, let me know, how your computer is doing.
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
797
uber_beetle
uber_beetle
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back