1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

[Resolved] Blue Screen & Virus attacked

Discussion in 'Spyware, Adware, Viruses and Malware Removal' started by ramesh help, Jan 10, 2018.

  1. ramesh help

    ramesh help Established Techie7 Member

    Hi Broni,
    Its been sometime since i came here. I have followed the scans which you have thought long ago & managed to do alot of virus cleaning up.

    I am left on the Farbar Recovery Scan Tool FRST(FRST64) file. can you help me out on the fix file list? This is the balance to be done.
    *(note, i will not be active for 3 days travelling)*

    Everything below done:
    RogueKiller
    Malwarebytes
    AdwCleaner
    Junkware Removal Tool
    Farbar Recovery Scan Tool (FRST/FRST64)
    Security Check
    Farbar Service Scanner (FSS)
    Temp File Cleaner (TFC)

    Pending/not needed for now
    Sophos Free Virus Removal Tool

    Done updating
    Java version 32-bit out of Date!
     
  2. ramesh help

    ramesh help Established Techie7 Member

    FRST
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
    Ran by Home (administrator) on DESKTOP-AG9DEDH (10-01-2018 13:54:56)
    Running from C:\Users\Home\Downloads
    Loaded Profiles: Home (Available Profiles: Home)
    Platform: Windows 10 Home Version 1703 15063.850 (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
    (Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Microsoft Corporation) C:\Windows\System32\Locator.exe
    (www.example.com) C:\Program Files (x86)\System Native\Main Services\amd\gservice.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHDCPSvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxCUIService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHeciSvc.exe
    (Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxEM.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
    (Adlice Software) C:\Program Files\RogueKiller\RogueKiller64.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-19] (Microsoft Corporation)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
    HKLM\...\Run: [SERVICE] => [X]
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-28] (Adobe Systems Inc.)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
    Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-01-04]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
    GroupPolicy: Restriction <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\Parameters: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{2932496d-0bdb-11e7-a8ba-806e6f6e6963}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{2eed2ca6-62ae-4832-a2bc-797af511b181}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{3e8cd711-8c03-4497-b0a3-96439e127060}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{3e8cd711-8c03-4497-b0a3-96439e127060}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{7a0aa4d2-5fbf-425e-bb39-0b8e87787ae0}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{89c7d9d2-b82d-4b12-a174-010c1c2aee99}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{be34f7d1-1aa2-4b2b-ba63-83fc4ecd66c2}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{e5f548e5-804e-4ae0-843c-b0a104b797ae}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{ecc22f3c-39b8-4d25-8211-9310c4b0ac91}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{ecc22f3c-39b8-4d25-8211-9310c4b0ac91}: [DhcpNameServer] 8.8.8.8

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
    BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-28] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)

    Chrome:
    =======
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-01-10]
    CHR Extension: (UROverview) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdamgkgchnbaopmphhjapmjcdghdphi [2018-01-09]
    CHR Extension: (Tampermonkey) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-10-08]
    CHR Extension: (WME JNF) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnjmbmlldgfomcdmflifibpappdadcm [2017-11-24]
    CHR Extension: (Ads Blocker for Facebook ™) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgjckeibmdfndlflobjhddhmemajjld [2017-12-24]
    CHR Extension: (Friend Remover PRO - Delete All Friends 2017) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekjblaihiicbgjibfipjoepkmondnnbd [2017-11-24]
    CHR Extension: (WME Route Checker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjnhelaghhdbglpieidncdppchpnlfh [2017-09-14]
    CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-24]
    CHR Extension: (Lazada Price Tracker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbffioiakemflkglioiijpfddgahchaf [2018-01-10]
    CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2017-11-24]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-12-25]
    CHR Extension: (WME Toolbox) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihebciailciabdiknfomleeccodkdejn [2017-12-24]
    CHR Extension: (WME Color Highlights) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijnldkoicbhinlgnoigchihmegdjobjc [2017-07-28]
    CHR Extension: (Waze - Google Maps™ link) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jblojdkgpamepmiammlgkkhknojnlmai [2017-08-20]
    CHR Extension: (Torrentz2 Magnet Links +) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldknhpjddofdohocbhakahagoepainmo [2017-12-30]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
    CHR Extension: (Google Slides Offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj [2018-01-10]
    CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-24]
    CHR Extension: (RightToCopy) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2018-01-04]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
    R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-09] (Intel Corporation)
    R2 gservice.exe; C:\Program Files (x86)\System Native\Main Services\amd\gservice.exe [5931776 2018-01-10] (www.example.com)
    R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542392 2017-10-18] (Intel Corporation)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2017-12-14] (Realtek Semiconductor)
    S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-27] (TeamViewer GmbH)
    S3 updater; C:\Program Files (x86)\System Native\Main Services\updater.exe [571648 2018-01-10] (System Native)
    R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-08] (Waves Audio Ltd.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-19] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
    S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492256 2017-06-14] (Wondershare)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
    R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-09] (Intel Corporation)
    R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-09] (Intel Corporation)
    R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-09] (Intel Corporation)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2018-01-10] ()
    R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54816 2016-10-28] (Intel Corporation)
    R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)
    R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-28] (Intel Corporation)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [132104 2017-10-18] (Intel Corporation)
    R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-20] (Intel)
    R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)
    R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193968 2018-01-10] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [110016 2018-01-10] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [46008 2018-01-10] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-10] (Malwarebytes)
    R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [94144 2018-01-10] (Malwarebytes)
    R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7638536 2017-10-30] (Intel Corporation)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvlddmkm.sys [17028552 2017-12-19] (NVIDIA Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3237312 2017-12-11] (Realtek Semiconductor Corp.)
    S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-19] ()
    S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
    U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-01-10] ()
    R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-12] (Intel Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-19] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-19] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-19] (Microsoft Corporation)
    R2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2018-01-10] (Basil)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
  3. ramesh help

    ramesh help Established Techie7 Member

    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-10 13:54 - 2018-01-10 13:55 - 000021361 _____ C:\Users\Home\Downloads\FRST.txt
    2018-01-10 13:54 - 2018-01-10 13:54 - 002393088 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
    2018-01-10 13:54 - 2018-01-10 13:54 - 001753600 _____ (Farbar) C:\Users\Home\Downloads\FRST.exe
    2018-01-10 13:54 - 2018-01-10 13:54 - 000000000 ____D C:\FRST
    2018-01-10 13:52 - 2018-01-10 13:55 - 008198432 _____ (Malwarebytes) C:\Users\Home\Downloads\adwcleaner_7.0.6.0.exe
    2018-01-10 13:47 - 2018-01-10 13:52 - 000000000 ____D C:\AdwCleaner
    2018-01-10 12:50 - 2018-01-10 12:51 - 008198432 _____ (Malwarebytes) C:\Users\Home\Downloads\AdwCleaner.exe
    2018-01-10 12:49 - 2018-01-10 13:51 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2018-01-10 12:49 - 2018-01-10 12:49 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
    2018-01-10 12:49 - 2018-01-10 12:49 - 000000000 ____D C:\ProgramData\RogueKiller
    2018-01-10 12:49 - 2018-01-10 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2018-01-10 12:49 - 2018-01-10 12:49 - 000000000 ____D C:\Program Files\RogueKiller
    2018-01-10 12:48 - 2018-01-10 12:48 - 033463072 _____ (Adlice Software ) C:\Users\Home\Downloads\RogueKiller_setup_ref3.exe
    2018-01-10 12:32 - 2018-01-10 13:49 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2018-01-10 12:32 - 2018-01-10 13:49 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2018-01-10 12:32 - 2018-01-10 13:49 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2018-01-10 12:32 - 2018-01-10 13:49 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2018-01-10 12:32 - 2018-01-10 12:55 - 000193968 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
    2018-01-10 12:32 - 2018-01-10 12:32 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2018-01-10 12:32 - 2018-01-10 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-01-10 12:31 - 2018-01-10 12:55 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
    2018-01-10 12:31 - 2018-01-10 12:31 - 083316440 _____ (Malwarebytes ) C:\Users\Home\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
    2018-01-10 12:31 - 2018-01-10 12:31 - 000000000 ____D C:\ProgramData\Malwarebytes
    2018-01-10 12:31 - 2018-01-10 12:31 - 000000000 ____D C:\Program Files\Malwarebytes
    2018-01-10 12:29 - 2018-01-10 12:43 - 000000000 ____D C:\Users\Home\AppData\Roaming\herfhhze0fk
    2018-01-10 12:28 - 2018-01-10 12:28 - 000000000 ____D C:\ProgramData\System Native
    2018-01-10 12:26 - 2018-01-10 12:26 - 000003621 _____ C:\Users\Public\Desktop\R@1n.txt
    2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
    2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 ____D C:\Users\Home\AppData\Local\mpress
    2018-01-10 12:25 - 2018-01-10 12:25 - 000004096 _____ C:\Windows\KMS-R@1nHook.dll
    2018-01-10 12:18 - 2018-01-10 12:43 - 000000328 _____ C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job
    2018-01-10 12:17 - 2018-01-10 12:43 - 000000318 _____ C:\Windows\Tasks\BcyoMZkjXMgFaPP.job
    2018-01-10 12:17 - 2018-01-10 12:17 - 000037552 _____ (Basil) C:\Windows\system32\Drivers\WinDivert64.sys
    2018-01-10 12:16 - 2018-01-10 13:45 - 000000000 ____D C:\Disk
    2018-01-10 12:16 - 2018-01-10 12:43 - 000000000 ____D C:\Users\Home\AppData\Roaming\ka10kqmgpts
    2018-01-10 12:16 - 2018-01-10 12:16 - 000140800 _____ C:\Users\Home\AppData\Local\installer.dat
    2018-01-10 12:16 - 2018-01-10 12:16 - 000000000 ____D C:\Windat
    2018-01-10 12:15 - 2018-01-10 12:43 - 000000000 ____D C:\Program Files (x86)\Multitimer
    2018-01-10 12:14 - 2018-01-10 12:38 - 000000000 ____D C:\WinSys
    2018-01-10 12:14 - 2018-01-10 12:38 - 000000000 ____D C:\Applications
    2018-01-10 12:14 - 2018-01-10 12:28 - 000000258 __RSH C:\ProgramData\ntuser.pol
    2018-01-10 12:14 - 2018-01-10 12:14 - 000003784 _____ C:\Windows\System32\Tasks\updater
    2018-01-10 12:14 - 2018-01-10 12:14 - 000003580 _____ C:\Windows\System32\Tasks\Guard
    2018-01-10 12:14 - 2018-01-10 12:14 - 000000000 ____D C:\Users\Home\AppData\Roaming\System Native
    2018-01-10 12:14 - 2018-01-10 12:14 - 000000000 ____D C:\Program Files (x86)\System Native
    2018-01-10 12:12 - 2018-01-10 12:41 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.2 Final
    2018-01-09 11:17 - 2018-01-09 11:17 - 000000000 ____D C:\Users\Home\Downloads\temp
    2018-01-09 11:16 - 2018-01-09 18:30 - 000000000 ____D C:\Users\Home\Desktop\torrent incomplete
    2018-01-09 11:01 - 2018-01-09 11:05 - 000000000 ____D C:\Users\Home\Downloads\Ferdinand 2017
    2018-01-08 20:54 - 2018-01-08 20:54 - 000037171 _____ C:\Windows\uninstaller.dat
    2018-01-08 10:33 - 2018-01-09 19:09 - 000000000 ____D C:\Users\Home\AppData\Roaming\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\Users\Home\AppData\Local\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\Program Files (x86)\qBittorrent
    2018-01-07 16:48 - 2018-01-07 17:08 - 000001855 _____ C:\Users\Home\Desktop\dsfsdfdsfd.txt
    2018-01-07 10:53 - 2018-01-01 14:03 - 000891904 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
    2018-01-07 10:53 - 2018-01-01 10:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
    2018-01-07 10:53 - 2018-01-01 10:26 - 000107416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000135576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000102808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000052632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
    2018-01-07 10:53 - 2018-01-01 10:22 - 001239448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2018-01-07 10:53 - 2018-01-01 10:22 - 001194784 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2018-01-07 10:53 - 2018-01-01 10:22 - 000181912 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2018-01-07 10:53 - 2018-01-01 10:22 - 000119704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2018-01-07 10:53 - 2018-01-01 10:21 - 000587160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2018-01-07 10:53 - 2018-01-01 10:20 - 000036760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000730008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000164760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000027456 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
    2018-01-07 10:53 - 2018-01-01 10:18 - 000110600 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
    2018-01-07 10:53 - 2018-01-01 10:18 - 000057752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
    2018-01-07 10:53 - 2018-01-01 10:16 - 002672024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2018-01-07 10:53 - 2018-01-01 10:16 - 000610712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2018-01-07 10:53 - 2018-01-01 10:15 - 000083352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2018-01-07 10:53 - 2018-01-01 10:09 - 000070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
    2018-01-07 10:53 - 2018-01-01 10:07 - 000583688 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
    2018-01-07 10:53 - 2018-01-01 10:03 - 000627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
    2018-01-07 10:53 - 2018-01-01 10:03 - 000311704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2018-01-07 10:53 - 2018-01-01 09:52 - 000195768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
    2018-01-07 10:53 - 2018-01-01 09:50 - 000787704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2018-01-07 10:53 - 2018-01-01 09:49 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 005828768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 002167320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 001998416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000433888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000016592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
    2018-01-07 10:53 - 2018-01-01 09:46 - 000702032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2018-01-07 10:53 - 2018-01-01 09:46 - 000087352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
    2018-01-07 10:53 - 2018-01-01 09:45 - 020374424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2018-01-07 10:53 - 2018-01-01 09:45 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2018-01-07 10:53 - 2018-01-01 09:43 - 000558080 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2018-01-07 10:53 - 2018-01-01 09:42 - 000480912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2018-01-07 10:53 - 2018-01-01 09:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
    2018-01-07 10:53 - 2018-01-01 09:41 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
    2018-01-07 10:53 - 2018-01-01 09:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
    2018-01-07 10:53 - 2018-01-01 09:40 - 000130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
    2018-01-07 10:53 - 2018-01-01 09:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
    2018-01-07 10:53 - 2018-01-01 09:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
    2018-01-07 10:53 - 2018-01-01 09:39 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
    2018-01-07 10:53 - 2018-01-01 09:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
    2018-01-07 10:53 - 2018-01-01 09:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
    2018-01-07 10:53 - 2018-01-01 09:38 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
    2018-01-07 10:53 - 2018-01-01 09:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2018-01-07 10:53 - 2018-01-01 09:38 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
    2018-01-07 10:53 - 2018-01-01 09:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
    2018-01-07 10:53 - 2018-01-01 09:37 - 000473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2018-01-07 10:53 - 2018-01-01 09:37 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000343040 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 001627648 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 001177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 001094656 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2018-01-07 10:53 - 2018-01-01 09:32 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
    2018-01-07 10:53 - 2018-01-01 09:32 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3dlg.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000934912 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2018-01-07 10:53 - 2018-01-01 09:31 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2018-01-07 10:53 - 2018-01-01 09:31 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 020514304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2018-01-07 10:53 - 2018-01-01 09:30 - 000432640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000522752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000879104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 005964288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000750592 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2018-01-07 10:53 - 2018-01-01 09:26 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
    2018-01-07 10:53 - 2018-01-01 09:26 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
    2018-01-07 10:53 - 2018-01-01 09:24 - 003651072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2018-01-07 10:53 - 2018-01-01 09:24 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2018-01-07 10:53 - 2018-01-01 09:24 - 000658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2018-01-07 10:53 - 2018-01-01 09:23 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2018-01-07 10:53 - 2018-01-01 09:23 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
    2018-01-07 10:53 - 2018-01-01 09:22 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
    2018-01-07 10:53 - 2018-01-01 09:21 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
    2018-01-07 10:53 - 2018-01-01 09:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvvmtransport.dll
    2018-01-07 10:53 - 2018-01-01 09:20 - 000708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
    2018-01-07 10:53 - 2018-01-01 09:20 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
    2018-01-07 10:53 - 2018-01-01 09:19 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscproxystub.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 001021336 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000751576 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000544152 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000382864 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000264536 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
    2018-01-07 10:52 - 2018-01-01 10:27 - 000066712 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000020376 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
    2018-01-07 10:52 - 2018-01-01 10:25 - 001065608 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2018-01-07 10:52 - 2018-01-01 10:25 - 000900880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 008345496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 002327448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2018-01-07 10:52 - 2018-01-01 10:24 - 001188544 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2018-01-07 10:52 - 2018-01-01 10:24 - 000105880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2018-01-07 10:52 - 2018-01-01 10:24 - 000033688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2018-01-07 10:52 - 2018-01-01 10:23 - 000456088 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2018-01-07 10:52 - 2018-01-01 10:23 - 000386456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2018-01-07 10:52 - 2018-01-01 10:22 - 000503704 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2018-01-07 10:52 - 2018-01-01 10:21 - 000328616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
    2018-01-07 10:52 - 2018-01-01 10:21 - 000063896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
    2018-01-07 10:52 - 2018-01-01 10:20 - 007319912 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 002647216 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 000524760 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 000459160 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
    2018-01-07 10:52 - 2018-01-01 10:19 - 002466392 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000870896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000714648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000643704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000546712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000282520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000247472 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000184728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000118680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000082328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000054168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000018672 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 021354736 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 001146776 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
    2018-01-07 10:52 - 2018-01-01 10:18 - 000966040 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
    2018-01-07 10:52 - 2018-01-01 10:18 - 000822680 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
    2018-01-07 10:52 - 2018-01-01 10:18 - 000316240 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 000175800 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 000059800 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
    2018-01-07 10:52 - 2018-01-01 10:17 - 000154520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2018-01-07 10:52 - 2018-01-01 10:16 - 001107352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2018-01-07 10:52 - 2018-01-01 10:15 - 001396680 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2018-01-07 10:52 - 2018-01-01 10:15 - 000644696 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2018-01-07 10:52 - 2018-01-01 10:14 - 000159640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2018-01-07 10:52 - 2018-01-01 10:10 - 000100800 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
    2018-01-07 10:52 - 2018-01-01 10:09 - 000434072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2018-01-07 10:52 - 2018-01-01 10:09 - 000142744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
    2018-01-07 10:52 - 2018-01-01 10:09 - 000114584 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
    2018-01-07 10:52 - 2018-01-01 10:08 - 001325960 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2018-01-07 10:52 - 2018-01-01 09:52 - 023680512 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
    2018-01-07 10:52 - 2018-01-01 09:44 - 000411184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
    2018-01-07 10:52 - 2018-01-01 09:43 - 003670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2018-01-07 10:52 - 2018-01-01 09:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\container_xml.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2018-01-07 10:52 - 2018-01-01 09:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2018-01-07 10:52 - 2018-01-01 09:40 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
    2018-01-07 10:52 - 2018-01-01 09:39 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2018-01-07 10:52 - 2018-01-01 09:39 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2018-01-07 10:52 - 2018-01-01 09:39 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2018-01-07 10:52 - 2018-01-01 09:39 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2018-01-07 10:52 - 2018-01-01 09:38 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
    2018-01-07 10:52 - 2018-01-01 09:38 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2018-01-07 10:52 - 2018-01-01 09:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2018-01-07 10:52 - 2018-01-01 09:38 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\dot3dlg.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 023683072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2018-01-07 10:52 - 2018-01-01 09:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000741376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2018-01-07 10:52 - 2018-01-01 09:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2018-01-07 10:52 - 2018-01-01 09:34 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2018-01-07 10:52 - 2018-01-01 09:34 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2018-01-07 10:52 - 2018-01-01 09:34 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2018-01-07 10:52 - 2018-01-01 09:33 - 003306496 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2018-01-07 10:52 - 2018-01-01 09:33 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2018-01-07 10:52 - 2018-01-01 09:32 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000970752 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2018-01-07 10:52 - 2018-01-01 09:32 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 007339520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001398272 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001355264 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 012803584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 004719104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 003206656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2018-01-07 10:52 - 2018-01-01 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 002426368 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000755200 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2018-01-07 10:52 - 2018-01-01 09:28 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2018-01-07 10:52 - 2018-01-01 09:28 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2018-01-07 10:52 - 2018-01-01 09:27 - 006249472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
    2018-01-07 10:52 - 2018-01-01 09:26 - 011888640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2018-01-07 10:52 - 2018-01-01 09:26 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2018-01-07 10:52 - 2018-01-01 09:26 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 002010112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2018-01-07 10:52 - 2018-01-01 09:25 - 000824832 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
    2018-01-07 10:52 - 2018-01-01 09:24 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2018-01-07 10:52 - 2018-01-01 09:24 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
    2018-01-07 10:52 - 2018-01-01 09:18 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
    2018-01-05 10:52 - 2018-01-10 11:59 - 000000000 ____D C:\Users\Home\Desktop\chap 2
    2018-01-04 21:18 - 2018-01-04 21:18 - 000142783 _____ C:\Users\Home\Desktop\4D, 5D, 6D Forecast table.pdf
    2018-01-03 15:42 - 2018-01-03 15:42 - 000000000 ____D C:\Users\Home\AppData\Local\VirtualStore
    2018-01-03 14:56 - 2018-01-07 10:06 - 000000000 ____D C:\Users\Home\AppData\Roaming\Syncios Data Transfer
    2018-01-03 14:56 - 2018-01-03 14:56 - 000000000 ____D C:\Users\Home\Documents\Syncios Data Transfer
    2018-01-03 14:56 - 2018-01-03 14:56 - 000000000 ____D C:\Users\Home\.android
    2018-01-03 14:53 - 2018-01-10 11:46 - 000001332 _____ C:\Users\Home\Desktop\Syncios Data Transfer.lnk
    2018-01-03 14:53 - 2018-01-03 14:53 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
    2018-01-03 14:53 - 2018-01-03 14:53 - 000000000 ____D C:\Program Files (x86)\AnvSoft
    2018-01-03 14:46 - 2018-01-03 14:46 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\Program Files\iTunes
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\Program Files\iPod
    2018-01-03 14:45 - 2018-01-03 14:45 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Windows\System32\Tasks\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Users\Home\AppData\Local\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files\Common Files\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files\Bonjour
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files (x86)\Bonjour
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2018-01-03 10:00 - 2018-01-07 09:32 - 000000000 ____D C:\Users\Home\Desktop\exam
    2018-01-03 09:34 - 2018-01-03 09:38 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2018-01-03 09:31 - 2018-01-03 09:31 - 000076484 _____ C:\Users\Home\Desktop\0061066798_MGT5000_Coversheet
    2018-01-03 09:26 - 2018-01-03 09:26 - 000009774 _____ C:\Users\Home\Desktop\USQ Transcirpts score.pdf
    2018-01-02 10:49 - 2018-01-02 10:49 - 000185428 _____ C:\Users\Home\Desktop\AIS Form v21.pdf
    2018-01-02 10:49 - 2018-01-02 10:49 - 000000000 ____D C:\Users\Home\AppData\Local\CEF
    2017-12-31 16:45 - 2017-12-31 16:45 - 000000279 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
    2017-12-30 17:03 - 2017-12-30 17:03 - 000000000 ____D C:\ProgramData\VS Revo Group
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files\Reference Assemblies
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files\MSBuild
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2017-12-29 14:55 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2017-12-29 14:55 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 __SHD C:\ProgramData\ms-drivers
    2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 __SHD C:\ProgramData\icsxml
    2017-12-27 21:55 - 2017-12-27 22:01 - 000000000 ____D C:\Users\Home\AppData\Local\MetaGeek,_LLC
    2017-12-27 21:55 - 2017-12-27 21:55 - 000000000 __SHD C:\Users\Home\AppData\Local\icsxml
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 __SHD C:\Users\Home\AppData\Local\ms-drivers
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 __SHD C:\ProgramData\DIBsection
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Program Files (x86)\MetaGeek
    2017-12-27 09:07 - 2017-12-27 09:07 - 000000000 ___SD C:\Windows\UpdateAssistantV2
    2017-12-26 21:16 - 2017-12-26 21:16 - 000000371 _____ C:\Users\Home\Desktop\job report.txt
    2017-12-26 12:09 - 2018-01-07 09:37 - 000000000 ____D C:\Users\Home\Desktop\job files important documents
    2017-12-26 10:31 - 2017-12-26 10:31 - 000000279 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2017-12-26 10:20 - 2017-12-26 10:20 - 000000000 ____D C:\Users\Home\Tracing
    2017-12-25 08:44 - 2017-11-30 10:58 - 006763128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-12-25 08:44 - 2017-11-30 10:57 - 001123968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2017-12-25 08:44 - 2017-11-30 10:43 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
    2017-12-25 08:44 - 2017-11-30 10:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2017-12-25 08:44 - 2017-11-30 10:42 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
    2017-12-25 08:44 - 2017-11-30 10:42 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx
    2017-12-25 08:44 - 2017-11-30 10:41 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2017-12-25 08:44 - 2017-11-30 10:40 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
    2017-12-25 08:44 - 2017-11-30 10:40 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
    2017-12-25 08:44 - 2017-11-30 10:40 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2017-12-25 08:44 - 2017-11-30 10:38 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
    2017-12-25 08:44 - 2017-11-30 10:38 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
    2017-12-25 08:44 - 2017-11-30 10:36 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
    2017-12-25 08:44 - 2017-11-30 10:34 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2017-12-25 08:44 - 2017-11-17 17:31 - 000223640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
    2017-12-25 08:44 - 2017-11-02 13:04 - 001292360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2017-12-25 08:44 - 2017-11-02 12:49 - 001838848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000613136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000362144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000283544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2017-12-25 08:44 - 2017-11-02 12:45 - 000172952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2017-12-25 08:44 - 2017-11-02 12:45 - 000133896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2017-12-25 08:44 - 2017-11-02 12:44 - 005808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2017-12-25 08:44 - 2017-11-02 12:44 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
    2017-12-25 08:44 - 2017-11-02 12:30 - 000407040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
    2017-12-25 08:44 - 2017-11-02 12:30 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
    2017-12-25 08:44 - 2017-11-02 12:27 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2017-12-25 08:44 - 2017-11-02 12:27 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPKICmdlet.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 000068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
    2017-12-25 08:44 - 2017-11-02 12:25 - 012227072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000680960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
    2017-12-25 08:44 - 2017-11-02 12:22 - 001884160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2017-12-25 08:44 - 2017-11-02 12:22 - 001494528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
    2017-12-25 08:44 - 2017-11-02 12:21 - 004417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2017-12-25 08:44 - 2017-11-02 12:21 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2017-12-25 08:44 - 2017-10-25 15:40 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
    2017-12-25 08:44 - 2017-10-15 23:09 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
    2017-12-25 08:44 - 2017-10-15 23:01 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
    2017-12-25 08:44 - 2017-10-15 22:51 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
    2017-12-25 08:44 - 2017-10-15 22:49 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
    2017-12-25 08:44 - 2017-10-15 22:45 - 001292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
    2017-12-25 08:44 - 2017-10-15 22:44 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
    2017-12-25 08:44 - 2017-10-15 22:42 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2017-12-25 08:44 - 2017-10-15 22:42 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
    2017-12-25 08:44 - 2017-10-15 22:38 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
    2017-12-25 08:41 - 2017-11-30 11:23 - 007910960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2017-12-25 08:41 - 2017-11-30 10:45 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
    2017-12-25 08:41 - 2017-11-30 10:44 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
    2017-12-25 08:41 - 2017-11-30 10:42 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
    2017-12-25 08:41 - 2017-11-30 10:37 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
    2017-12-25 08:41 - 2017-11-30 10:36 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2017-12-25 08:41 - 2017-11-17 16:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-12-25 08:41 - 2017-11-02 13:20 - 000469568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-12-25 08:41 - 2017-11-02 13:13 - 001345600 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2017-12-25 08:41 - 2017-11-02 13:13 - 000095640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
    2017-12-25 08:41 - 2017-11-02 13:12 - 000026472 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2017-12-25 08:41 - 2017-11-02 12:37 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2017-12-25 08:41 - 2017-11-02 12:35 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
    2017-12-25 08:41 - 2017-11-02 12:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2017-12-25 08:41 - 2017-11-02 12:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
    2017-12-25 08:41 - 2017-11-02 12:33 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\CertPKICmdlet.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Storage.dll
    2017-12-25 08:41 - 2017-11-02 12:30 - 000601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
    2017-12-25 08:41 - 2017-11-02 12:30 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
    2017-12-25 08:41 - 2017-11-02 12:29 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
    2017-12-25 08:41 - 2017-11-02 12:27 - 000565248 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
    2017-12-25 08:41 - 2017-11-02 12:27 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
    2017-12-25 08:41 - 2017-11-02 12:26 - 001937408 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2017-12-25 08:41 - 2017-11-02 12:26 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2017-12-25 08:41 - 2017-11-02 12:25 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2017-12-25 08:41 - 2017-11-02 12:25 - 002052608 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2017-12-25 08:41 - 2017-11-02 12:23 - 002449408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2017-12-25 08:41 - 2017-11-02 12:23 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
    2017-12-25 08:41 - 2017-10-15 22:15 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
    2017-12-25 08:41 - 2017-10-15 22:08 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
    2017-12-25 08:41 - 2017-10-15 22:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
    2017-12-25 08:40 - 2017-11-30 11:33 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
    2017-12-25 08:40 - 2017-11-30 11:23 - 001194248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2017-12-25 08:40 - 2017-11-30 10:45 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2017-12-25 08:40 - 2017-11-30 10:44 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
    2017-12-25 08:40 - 2017-11-30 10:43 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2017-12-25 08:40 - 2017-11-30 10:42 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
    2017-12-25 08:40 - 2017-11-30 10:42 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2017-12-25 08:40 - 2017-11-30 10:41 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
    2017-12-25 08:40 - 2017-11-30 10:41 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
    2017-12-25 08:40 - 2017-11-30 10:41 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
    2017-12-25 08:40 - 2017-11-30 10:39 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000678808 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000484248 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000136088 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2017-12-25 08:40 - 2017-11-17 17:46 - 000034712 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
    2017-12-25 08:40 - 2017-11-17 17:39 - 005477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
    2017-12-25 08:40 - 2017-11-17 16:56 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
    2017-12-25 08:40 - 2017-11-02 13:16 - 002398696 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-12-25 08:40 - 2017-11-02 13:13 - 002443672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2017-12-25 08:40 - 2017-11-02 13:12 - 000727336 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2017-12-25 08:40 - 2017-11-02 13:12 - 000412752 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2017-12-25 08:40 - 2017-11-02 13:12 - 000319384 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2017-12-25 08:40 - 2017-11-02 13:12 - 000144248 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2017-12-25 08:40 - 2017-11-02 13:12 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2017-12-25 08:40 - 2017-11-02 13:10 - 006557520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2017-12-25 08:40 - 2017-11-02 13:05 - 000187800 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2017-12-25 08:40 - 2017-11-02 12:37 - 001278976 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2017-12-25 08:40 - 2017-11-02 12:37 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
    2017-12-25 08:40 - 2017-11-02 12:37 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
    2017-12-25 08:40 - 2017-11-02 12:36 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
    2017-12-25 08:40 - 2017-11-02 12:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpstorport.sys
    2017-12-25 08:40 - 2017-11-02 12:34 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
    2017-12-25 08:40 - 2017-11-02 12:33 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
    2017-12-25 08:40 - 2017-11-02 12:33 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
    2017-12-25 08:40 - 2017-11-02 12:31 - 000411648 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2017-12-25 08:40 - 2017-11-02 12:31 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 013381120 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000719872 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000635392 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2017-12-25 08:40 - 2017-11-02 12:28 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
    2017-12-25 08:40 - 2017-11-02 12:27 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
    2017-12-25 08:40 - 2017-11-02 12:26 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
    2017-12-25 08:40 - 2017-11-02 12:26 - 003060224 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
    2017-12-25 08:40 - 2017-11-02 12:25 - 001713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
    2017-12-25 08:40 - 2017-11-02 12:24 - 004707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2017-12-25 08:40 - 2017-11-02 12:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
    2017-12-25 08:40 - 2017-10-15 22:57 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
    2017-12-25 08:40 - 2017-10-15 22:57 - 000409496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2017-12-25 08:40 - 2017-10-15 22:53 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
    2017-12-25 08:40 - 2017-10-15 22:53 - 000387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
    2017-12-25 08:40 - 2017-10-15 22:49 - 000094616 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2017-12-25 08:40 - 2017-10-15 22:14 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
    2017-12-25 08:40 - 2017-10-15 22:13 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
    2017-12-25 08:40 - 2017-10-15 22:10 - 001303040 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
    2017-12-25 08:40 - 2017-10-15 22:05 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
    2017-12-25 08:40 - 2017-10-15 22:02 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
    2017-12-25 08:39 - 2017-11-30 10:39 - 002809344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 002032536 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2017-12-25 08:39 - 2017-11-17 17:46 - 001578904 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000613784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000612248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000379288 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000259992 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000190360 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000067992 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
    2017-12-25 08:39 - 2017-11-02 13:14 - 000667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2017-12-25 08:39 - 2017-11-02 13:13 - 000212888 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
    2017-12-25 08:39 - 2017-11-02 13:12 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
    2017-12-25 08:39 - 2017-11-02 13:12 - 000430848 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2017-12-25 08:39 - 2017-11-02 12:33 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
    2017-12-25 08:39 - 2017-11-02 12:28 - 001468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
    2017-12-25 08:39 - 2017-11-02 12:28 - 000939008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
    2017-12-25 08:39 - 2017-11-02 12:25 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
    2017-12-25 08:39 - 2017-10-15 22:59 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
    2017-12-25 08:39 - 2017-10-15 22:56 - 000872464 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
    2017-12-25 08:39 - 2017-10-15 22:08 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
    2017-12-25 00:59 - 2017-12-25 00:59 - 000000043 _____ C:\Users\Home\AppData\Roaming\WB.CFG
    2017-12-24 18:03 - 2017-12-24 18:03 - 000012214 _____ C:\Users\Home\Desktop\ideas.txt
    2017-12-24 14:21 - 2018-01-10 11:46 - 000001313 _____ C:\Users\Home\Desktop\resmon.lnk
    2017-12-24 14:03 - 2017-12-24 14:03 - 000000000 ____D C:\Users\Public\Thunder Network
    2017-12-24 14:03 - 2017-12-24 14:03 - 000000000 ____D C:\ProgramData\Thunder Network
    2017-12-24 13:55 - 2017-12-24 13:55 - 000001400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
    2017-12-24 13:54 - 2017-12-24 13:55 - 000000000 ____D C:\ProgramData\PlugCache
    2017-12-24 13:54 - 2017-12-24 13:54 - 000000000 ____D C:\Users\Home\AppData\Local\DBG
    2017-12-24 13:44 - 2017-12-24 13:44 - 000000000 ____D C:\Users\Home\AppData\Local\ElevatedDiagnostics
    2017-12-24 09:22 - 2018-01-09 19:14 - 000328320 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-12-24 09:01 - 2017-12-24 09:01 - 000000000 _____ C:\Windows\SysWOW64\last.dump
    2017-12-24 08:54 - 2017-12-24 08:54 - 000000000 ____D C:\Program Files\Common Files\Avast Software
    2017-12-24 08:53 - 2017-12-24 08:53 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
    2017-12-24 08:21 - 2017-12-24 08:21 - 000000000 ____D C:\Users\Home\AppData\Local\NVIDIA Corporation
    2017-12-24 00:47 - 2017-12-24 00:47 - 000000000 ____D C:\Program Files\AVAST Software
    2017-12-24 00:46 - 2017-12-24 08:52 - 000000000 ____D C:\ProgramData\AVAST Software
    2017-12-24 00:35 - 2017-12-24 00:35 - 000000000 ____D C:\Users\Home\AppData\Local\Intel
    2017-12-24 00:34 - 2017-12-24 00:34 - 000000000 ____D C:\ProgramData\Intel
    2017-12-24 00:31 - 2017-12-24 00:31 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
    2017-12-24 00:31 - 2017-12-24 00:31 - 000000000 ____D C:\Program Files\Waves
    2017-12-24 00:25 - 2017-12-24 00:25 - 000002446 _____ C:\Users\Home\Desktop\driver udpaet.txt
    2017-12-23 23:41 - 2017-12-23 23:41 - 000000000 ____D C:\Users\Home\Documents\System Report
    2017-12-23 23:38 - 2017-12-23 23:44 - 000000000 ____D C:\Users\Home\AppData\Roaming\FreshDiagnose
    2017-12-23 22:08 - 2017-12-23 22:08 - 000000000 ____D C:\Users\Home\Desktop\New Folder (2)
    2017-12-22 16:23 - 2017-06-28 04:55 - 000191648 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_I2C.sys
    2017-12-22 16:23 - 2017-06-28 04:55 - 000098976 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_GPIO2.sys
    2017-12-22 16:23 - 2017-05-08 19:39 - 001730296 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
    2017-12-22 16:23 - 2017-05-08 19:39 - 000038480 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
    2017-12-22 16:21 - 2017-10-17 00:08 - 000906240 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
    2017-12-22 16:13 - 2017-12-16 08:23 - 040237456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 036350960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 035157488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 029381936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 023267096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 019040512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 013867656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 013255032 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 011781912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 010883744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 004202992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 003817584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 003615032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001990128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438871.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001674736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438871.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001321448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001101104 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001038496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001032688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000980880 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000933360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000794392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000634224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000506864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2017-12-22 16:12 - 2017-12-16 08:23 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
    2017-12-22 16:12 - 2017-12-16 08:23 - 000000669 _____ C:\Windows\system32\nv-vk64.json
    2017-12-22 16:05 - 2017-12-14 03:52 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2017-12-22 16:05 - 2017-12-13 23:08 - 015292305 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
    2017-12-22 16:04 - 2017-12-14 03:55 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 003509168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 001353288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 000691640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2017-12-22 16:04 - 2017-12-14 03:53 - 024910440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
    2017-12-22 16:04 - 2017-12-14 03:53 - 024034024 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
    2017-12-22 16:04 - 2017-12-14 03:52 - 003786672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
    2017-12-22 16:04 - 2017-12-14 03:52 - 003205568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2017-12-22 16:04 - 2017-12-14 03:52 - 002922944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2017-12-22 15:37 - 2017-10-30 04:06 - 013334260 _____ C:\Windows\system32\Drivers\Netwfw04.dat
    2017-12-22 15:24 - 2017-12-11 06:49 - 001132760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsMFT0.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 002650328 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
    2017-12-22 15:24 - 2017-12-11 06:48 - 001980632 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 000666048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP64.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 000577472 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamP.dll
    2017-12-11 17:40 - 2017-10-18 23:38 - 000402616 _____ (Intel Corporation) C:\Windows\system32\ibtproppage.dll
    2017-12-11 17:40 - 2017-10-18 23:20 - 000116670 _____ C:\Windows\system32\Drivers\ibtfw.dat



    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-10 13:51 - 2017-07-13 17:12 - 000000000 ____D C:\Users\Home\AppData\Local\ClassicShell
    2018-01-10 13:50 - 2017-07-14 03:37 - 000000000 __SHD C:\Users\Home\IntelGraphicsProfiles
    2018-01-10 13:49 - 2017-07-14 03:19 - 000000000 ____D C:\ProgramData\NVIDIA
    2018-01-10 13:49 - 2017-03-18 20:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-01-10 13:45 - 2017-03-18 20:02 - 000000000 ____D C:\Windows\system32\SleepStudy
    2018-01-10 12:43 - 2017-03-18 20:12 - 000000000 ____D C:\Users\Home
    2018-01-10 12:41 - 2017-07-13 17:33 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-01-10 12:41 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files\IP Address Messenger
    2018-01-10 12:35 - 2017-03-18 20:11 - 001722872 _____ C:\Windows\system32\PerfStringBackup.INI
    2018-01-10 12:14 - 2017-03-19 05:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
    2018-01-10 12:13 - 2017-03-19 05:01 - 000000000 ____D C:\Windows\INF
    2018-01-10 12:09 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Local\Packages
    2018-01-10 11:46 - 2017-07-15 11:16 - 000001104 _____ C:\Users\Home\Desktop\QuickGamma.lnk
    2018-01-09 21:08 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\rescache
    2018-01-09 19:19 - 2017-03-18 20:13 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ___SD C:\Windows\system32\F12
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\en-GB
    2018-01-09 19:12 - 2017-03-18 19:40 - 000262144 _____ C:\Windows\system32\config\BBI
    2018-01-09 18:35 - 2017-07-14 22:54 - 000000000 ____D C:\ProgramData\Skype
    2018-01-09 18:31 - 2017-07-16 12:34 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
    2018-01-09 18:30 - 2017-07-26 18:34 - 000000000 ____D C:\Users\Home\Documents\PlagiarismCheckerX
    2018-01-09 18:04 - 2017-07-14 03:25 - 000000000 ____D C:\Users\Home\AppData\Roaming\Skype
    2018-01-08 08:22 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\NDF
    2018-01-07 14:11 - 2017-03-19 05:03 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-01-07 14:11 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\AppReadiness
    2018-01-07 10:58 - 2017-03-19 04:51 - 000000000 ____D C:\Windows\CbsTemp
    2018-01-05 09:32 - 2017-07-14 03:37 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
    2018-01-05 09:32 - 2017-07-14 03:20 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2018-01-04 15:25 - 2017-07-14 05:46 - 000000000 ____D C:\Users\Home\AppData\LocalLow\uTorrent
    2018-01-04 15:25 - 2017-07-14 05:45 - 000000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
    2018-01-03 15:50 - 2017-07-14 06:09 - 000007582 _____ C:\Users\Home\AppData\Local\Resmon.ResmonCfg
    2018-01-03 15:31 - 2017-07-29 16:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\TeamViewer
    2018-01-03 14:44 - 2017-08-02 21:52 - 000000000 ____D C:\ProgramData\Apple
    2018-01-03 09:37 - 2017-07-13 18:02 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
    2018-01-03 09:37 - 2017-07-13 18:02 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
    2017-12-31 16:39 - 2017-08-18 12:53 - 000000000 ____D C:\Users\Home\Desktop\movies
    2017-12-31 16:39 - 2017-07-21 13:23 - 000000000 ____D C:\Users\Home\Desktop\[backup] edit pics
    2017-12-31 16:32 - 2017-08-03 17:53 - 000000000 ____D C:\Users\Home\Desktop\resume
    2017-12-31 15:26 - 2017-07-14 03:34 - 000000000 ____D C:\Users\Home\Documents\Dell Downloads
    2017-12-29 15:00 - 2017-07-14 03:30 - 000000000 ____D C:\Users\Home\AppData\Local\Deployment
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\SysWOW64\en-GB
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\oobe
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\appraiser
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\ShellExperiences
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\Provisioning
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-12-25 08:24 - 2017-07-14 03:38 - 000000000 ____D C:\ProgramData\Package Cache
    2017-12-25 08:24 - 2017-07-14 03:37 - 000000000 ____D C:\Program Files\Intel
    2017-12-24 12:21 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\LiveKernelReports
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
    2017-12-24 09:20 - 2017-07-13 18:13 - 000000000 ____D C:\Windows\Minidump
    2017-12-24 09:19 - 2017-07-21 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
    2017-12-24 09:10 - 2017-07-29 16:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2017-12-24 08:23 - 2017-07-29 11:00 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
    2017-12-24 08:21 - 2017-08-02 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    2017-12-24 08:21 - 2017-08-02 21:36 - 000000000 ____D C:\Program Files (x86)\Wondershare
    2017-12-24 08:20 - 2017-07-22 16:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\Opera Software
    2017-12-24 08:15 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Local\ConnectedDevicesPlatform
    2017-12-24 00:41 - 2017-07-14 03:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-12-24 00:41 - 2017-07-14 03:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-12-24 00:39 - 2017-07-14 03:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-12-24 00:32 - 2017-07-14 03:34 - 000000000 ____D C:\Windows\system32\RTCOM
    2017-12-24 00:32 - 2017-07-14 03:33 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
    2017-12-24 00:30 - 2017-07-14 03:33 - 000110423 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
    2017-12-24 00:01 - 2017-07-14 04:05 - 000000000 ____D C:\Windows\system32\MRT
    2017-12-23 23:58 - 2017-10-15 16:39 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
    2017-12-23 23:58 - 2017-07-14 04:04 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-12-23 23:56 - 2017-07-14 03:36 - 000000000 ____D C:\Intel
    2017-12-19 21:18 - 2017-12-10 19:13 - 000000000 ____D C:\Users\Home\Desktop\mba files
    2017-12-16 08:23 - 2017-07-14 03:17 - 000048442 _____ C:\Windows\system32\nvinfo.pb
    2017-12-16 08:23 - 2017-07-14 03:13 - 004485376 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2017-12-16 07:15 - 2017-07-14 03:19 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
    2017-12-16 06:34 - 2017-07-14 03:19 - 005964688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 002589168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 001767408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000608056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000450544 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000082928 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
    2017-12-15 02:17 - 2017-07-14 03:19 - 007917671 _____ C:\Windows\system32\nvcoproc.bin
    2017-12-14 03:57 - 2016-11-23 06:55 - 000568224 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
    2017-12-14 03:55 - 2016-11-23 06:55 - 000192944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
    2017-12-14 03:54 - 2016-11-23 06:55 - 003570992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
    2017-12-14 03:53 - 2016-11-23 06:55 - 023935912 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
    2017-12-14 03:52 - 2016-11-23 06:55 - 006083008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
    2017-12-14 03:52 - 2016-11-23 06:55 - 000023656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
    2017-12-11 07:10 - 2017-07-14 03:19 - 000144824 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
    2017-12-11 07:10 - 2017-07-14 03:19 - 000119736 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
    2017-12-11 06:49 - 2016-11-14 22:04 - 003237312 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
    2017-12-11 06:48 - 2016-11-14 22:04 - 000104384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamO64.dll

    ==================== Files in the root of some directories =======

    2017-12-25 00:59 - 2017-12-25 00:59 - 000000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
    2017-07-14 19:46 - 2017-07-14 19:46 - 331479536 _____ () C:\Users\Home\AppData\Local\ACCCx4_1_1_202.zip.aamdownload
    2017-07-14 19:46 - 2017-07-14 19:46 - 000003693 _____ () C:\Users\Home\AppData\Local\ACCCx4_1_1_202.zip.aamdownload.aamd
    2018-01-10 12:16 - 2018-01-10 12:16 - 000140800 _____ () C:\Users\Home\AppData\Local\installer.dat
    2017-07-14 06:09 - 2018-01-03 15:50 - 000007582 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
    2017-07-25 12:45 - 2017-07-25 12:45 - 000000358 _____ () C:\Users\Home\AppData\Local\winconf.pxt

    Some files in TEMP:
    ====================
    2018-01-10 12:49 - 2017-09-05 13:26 - 001930840 _____ (Microsoft Corporation) C:\Users\Home\AppData\Local\Temp\dllnt_dump.dll
    2017-12-30 16:45 - 2017-12-19 18:07 - 000169648 _____ () C:\Users\Home\AppData\Local\Temp\substat.dll
    2017-12-30 16:45 - 2017-12-19 18:07 - 000445104 _____ () C:\Users\Home\AppData\Local\Temp\uninstall.dll

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-01-04 21:23

    ==================== End of FRST.txt ============================
     
  4. ramesh help

    ramesh help Established Techie7 Member

    ..........................................
    ........................................
    ..........................................
    ..........................................
    .........................................


    Addition:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
    Ran by Home (10-01-2018 13:56:18)
    Running from C:\Users\Home\Downloads
    Windows 10 Home Version 1703 15063.850 (X64) (2017-03-18 12:08:04)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3128490503-3481064576-2182703944-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3128490503-3481064576-2182703944-503 - Limited - Disabled)
    Guest (S-1-5-21-3128490503-3481064576-2182703944-501 - Limited - Disabled)
    Home (S-1-5-21-3128490503-3481064576-2182703944-1001 - Administrator - Enabled) => C:\Users\Home

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Plugins (HKLM\...\Adobe Flash Player) (Version: 26.0.0.131 - oszone.net)
    Adobe Photoshop CC 2015.5 (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF02}) (Version: 17.0 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    CalMAN RGB (HKLM-x32\...\{a69b63b0-da55-4fc6-abb7-831e1e8686ad}) (Version: 5.8.1.31 - Portrait Displays, Inc) Hidden
    Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
    CR2 Converter (HKLM-x32\...\{775F32A5-7BA0-4717-89D0-32B3EC25B2C9}_is1) (Version: - cr2converter.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Imagenomic Portraiture 3 Plug-in (build 3027) (HKLM\...\Portraiture 3_is1) (Version: 3027 - Team V.R)
    inSSIDer 4 (HKLM-x32\...\{657B6478-2821-4A70-8FB7-996B5611964C}) (Version: 4.2.2.16 - MetaGeek, LLC)
    Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4877 - Intel Corporation)
    Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)
    ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden
    iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
    Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
    Main Services (HKLM-x32\...\{FDAE3324-375B-40F9-9369-C0F4ABB209B0}) (Version: 1.2.3 - System Native) Hidden
    Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
    Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
    Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
    NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    NVIDIA Update 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation)
    Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Plagiarism Checker X (HKLM-x32\...\{B23E0CBF-D5F6-4682-99A0-A32C6FD93B5B}) (Version: 5.1.4 - Plagiarism Checker X, LLC) Hidden
    Plagiarism Checker X (HKLM-x32\...\Plagiarism Checker X 5.1.4) (Version: 5.1.4 - Plagiarism Checker X, LLC)
    qBittorrent 4.0.3 (HKLM-x32\...\qBittorrent) (Version: 4.0.3 - The qBittorrent project)
    QuickGamma 4.0.0.2 (HKLM-x32\...\QuickGamma_is1) (Version: 4.0.0.2 - Eberhard Werle)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8323 - Realtek Semiconductor Corp.)
    Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.16299.11310 - Realtek Semiconductor Corp.)
    RogueKiller version 12.11.32.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.32.0 - Adlice Software)
    SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
    SpectraCal C3 Drivers (HKLM-x32\...\{7B906F27-3A5E-40FB-8784-A9D3EF2A3D7B}) (Version: 1.0.0.2 - Portrait Displays, Inc)
    Syncios Data Transfer 1.6.2 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.6.2 - Anvsoft, Inc.)
    TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.81460 - TeamViewer)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    ShellIconOverlayIdentifiers-x32-x32-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-19] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-19] (Alexander Roshal)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxDTCM.dll [2017-11-07] (Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-16] (NVIDIA Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-19] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-19] (Alexander Roshal)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {3FACB1A5-BF9C-46B0-9FAA-8BF50BFA2B07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
    Task: {42B32854-1A42-4C5F-BFAB-AD1C718A726E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
    Task: {4B819D3C-E8C8-46D5-A381-3AC0EF2B14D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
    Task: {5CE6DA7E-9190-4E17-923C-E28B916732F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
    Task: {62153E1A-1E48-4FFD-89FF-FF18F3682009} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
    Task: {67F21AD2-06E6-4AEB-9312-7CEF5F4AD529} - System32\Tasks\Guard => C:\Program Files (x86)\System Native\Main Services\Guard.exe [2018-01-01] ()
    Task: {769BE428-79FD-436D-B513-9FA7ACFB24F9} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
    Task: {7D27993D-3B6C-45ED-AC42-B830EA8A74DE} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-12-14] (Realtek Semiconductor)
    Task: {869DDEFB-23E6-4733-ADEC-7D7A3A55FA65} - System32\Tasks\updater => C:\Program Files (x86)\System Native\Main Services\updater.exe [2018-01-10] (System Native)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\BcyoMZkjXMgFaPP.job => C:\Program Files (x86)\umkISPBbU\pAicqM.dll
    Task: C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job => C:\Program Files (x86)\aohGTEheqdnWC\fklFQTu.dll

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2018-01-10 12:31 - 2018-01-10 12:55 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
    2018-01-10 12:31 - 2018-01-10 12:55 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2017-03-19 04:58 - 2017-03-19 04:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
    2017-12-11 11:05 - 2017-12-11 11:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
    2017-12-11 11:05 - 2017-12-11 11:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
    2017-12-23 22:24 - 2017-12-06 12:24 - 002873688 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\swiftshader\libglesv2.dll
    2017-12-23 22:24 - 2017-12-06 12:24 - 000137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\swiftshader\libegl.dll
    2018-01-10 13:57 - 2018-01-10 13:57 - 000852798 _____ () C:\Users\Home\Downloads\SecurityCheck.exe

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\sharepoint.com -> hxxps://cnxmail-files.sharepoint.com

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-03-19 05:03 - 2018-01-10 12:15 - 000001320 _____ C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 cpm.paneladmin.pro
    127.0.0.1 publisher.hmdiadmingate.xyz
    127.0.0.1 hmdicrewtracksystem.xyz
    127.0.0.1 mydownloaddomain.com
    127.0.0.1 linkmate.space
    127.0.0.1 space1.adminpressure.space
    127.0.0.1 trackpressure.website
    127.0.0.1 doctorlink.space
    127.0.0.1 plugpackdownload.net
    127.0.0.1 texttotalk.org
    127.0.0.1 gambling577.xyz
    127.0.0.1 htagdownload.space
    127.0.0.1 mybcnmonetize.com
    127.0.0.1 360devtraking.website
    127.0.0.1 dscdn.pw
    127.0.0.1 bcnmonetize.go2affise.com
    127.0.0.1 beautifllink.xyz

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AGSService => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: ibtsiva => 2
    MSCONFIG\Services: MBAMService => 3
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: TeamViewer => 2
    MSCONFIG\Services: WsAppService => 2
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\StartupApproved\Run: => "11f86284"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{9542C8AF-A202-4090-B62E-85858490B6A7}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{A11F7D9F-62CD-4441-AC74-3A0FC3CFCC4D}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{15CD99D4-DF32-44CA-865C-D1B1D7DB5636}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{59A605D8-C085-4239-9DAE-08003EA512EC}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{C7D0D5FD-B0F2-47D7-BB29-2133CD49D754}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{16D6C9C3-E743-4067-9365-59843C988E90}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{AA068812-7F31-4F85-A4C6-6BE780EBA4C3}] => (Allow) C:\Windows\explorer.exe
    FirewallRules: [{03CC437B-8AA9-434B-BFFE-C0D93E3C1770}] => (Allow) C:\Windows\system32\rundll32.exe
    FirewallRules: [{72531044-EFE8-47C5-961D-129A06EE4FB0}] => (Allow) C:\Windows\explorer.exe
    FirewallRules: [{FDF057F4-FD20-4537-9E75-AF1039E35983}] => (Allow) %APPDATA%\uTorrent\uTorrent.exe
    FirewallRules: [{E90BD0F5-7387-472D-BF31-8341DBB84F34}] => (Allow) %APPDATA%\uTorrent\uTorrent.exe
    FirewallRules: [{4051956F-062F-4857-998A-E6115E18FBF1}] => (Block) C:\Windows\systemapps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    FirewallRules: [{F519264F-4B8D-4DF9-948F-B3C2F129C7A6}] => (Block) C:\Windows\systemapps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.exe
    FirewallRules: [{73BEE30A-524B-4A1A-BC90-6D1D21A37AE3}] => (Allow) C:\Program Files (x86)\PlagiarismCheckerX\Plagiarism Checker X.exe
    FirewallRules: [{C2696103-3D7B-499F-A203-A2839ACDAD84}] => (Allow) C:\Program Files (x86)\PlagiarismCheckerX\Update.exe
    FirewallRules: [{8D5A9A95-C417-44A8-B694-9111DDB063C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{48196FF5-E2D8-42D3-8DC1-0FEB6DF4ADC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{B1636E57-E9E7-45C4-A198-5B1C1372304D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{E242D8CC-79F8-4BA6-8A32-C4A3FD0CD8A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{206A96BA-EA9B-4F5A-8901-E54738101CD9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [TCP Query User{C6CADB54-17C3-4640-AAF9-0608262AA132}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
    FirewallRules: [UDP Query User{0FB761A2-635E-4DDC-934A-3913395DE3C6}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
    FirewallRules: [{5084B41C-12F5-4CC4-B23C-725C9D56AD28}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
    FirewallRules: [{D9D2A184-38A6-47A5-B5CF-1419DC40164A}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
    FirewallRules: [{934A5DD3-46C3-4810-BDE5-9FD3852DC9FA}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
    FirewallRules: [{13250E6E-E3B8-43FF-863C-F90EFDA10058}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{D2CC57E1-12AE-4BB4-AE9D-C776668A7976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{26D0804E-049E-473B-A8B7-BDA1BB7633E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{B3BEDF1F-35E5-4BDB-A8E3-2CEF53BA8DE0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{48BD8C6D-676D-4A65-8B5E-3EE90107DB36}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{33D47129-48AE-446E-B7FA-02919D9D24F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{31AD12F9-FB16-471F-9882-887F28786D3E}] => (Allow) C:\Program Files (x86)\AnvSoft\Syncios Data Transfer\SynciosTransfer.exe
    FirewallRules: [{C5057683-4008-4977-AE80-ADDB014B9C81}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    FirewallRules: [{8DF18EB0-103C-497F-8B9B-A3F893B8E6B7}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    FirewallRules: [{0993E785-4DD7-4E05-9FB5-D040C387DADB}] => (Allow) C:\Program Files (x86)\System Native\Main Services\Guard.exe
    FirewallRules: [{30D879AE-B967-40CB-AABD-17C0325A890F}] => (Allow) C:\Program Files (x86)\System Native\Main Services\service_box.exe
    FirewallRules: [{52ED50F4-5E4D-488F-85A5-DEF2C7CCE28C}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{CDDC7553-D55C-4530-813A-668FE2E20C44}] => (Allow) C:\Windows\System32\rundll32.exe

    ==================== Restore Points =========================

    29-12-2017 14:52:57 Windows Modules Installer
    03-01-2018 14:45:25 Installed iTunes
    07-01-2018 10:54:38 Windows Update
    09-01-2018 18:34:35 Removed Skype™ 7.40

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/10/2018 01:33:26 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
    Description: Event-ID 2003

    Error: (01/10/2018 01:33:26 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
    Description: Event-ID 2002

    Error: (01/10/2018 01:33:26 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
    Description: Event-ID 5000

    Error: (01/10/2018 01:33:26 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
    Description: Event-ID 5000

    Error: (01/10/2018 01:33:18 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
    Description: Event-ID 5000

    Error: (01/10/2018 01:33:18 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
    Description: Event-ID 5000

    Error: (01/10/2018 12:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: girafe.exe, version: 1.0.0.1, time stamp: 0x5a5590be
    Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
    Exception code: 0xc0000028
    Fault offset: 0x000a38b9
    Faulting process ID: 0x22a0
    Faulting application start time: 0x01d389cbb0e65713
    Faulting application path: C:\Users\Home\AppData\Local\Temp\qarbln1par5\girafe.exe
    Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report ID: 596033a3-8165-4cda-8ba6-a4eb38d249ec
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (01/10/2018 12:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: linker.exe, version: 1.0.0.1, time stamp: 0x5a5590be
    Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x802f667e
    Exception code: 0xc0000028
    Fault offset: 0x000a38b9
    Faulting process ID: 0x1dc4
    Faulting application start time: 0x01d389cba40b3f9b
    Faulting application path: C:\Users\Home\AppData\Local\Temp\ojphx0ijrto\linker.exe
    Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
    Report ID: 0602b236-0d21-4e7b-ae49-753deb32ee9d
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (01/10/2018 12:30:30 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: girafe.exe, version: 1.0.0.1, time stamp: 0x5a5590be
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc00001a5
    Fault offset: 0x02750e2a
    Faulting process ID: 0x22a0
    Faulting application start time: 0x01d389cbb0e65713
    Faulting application path: C:\Users\Home\AppData\Local\Temp\qarbln1par5\girafe.exe
    Faulting module path: unknown
    Report ID: af2db4bf-4fa1-4c69-9b42-4526acfdc506
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (01/10/2018 12:30:29 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: linker.exe, version: 1.0.0.1, time stamp: 0x5a5590be
    Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception code: 0xc00001a5
    Fault offset: 0x00450e2a
    Faulting process ID: 0x1dc4
    Faulting application start time: 0x01d389cba40b3f9b
    Faulting application path: C:\Users\Home\AppData\Local\Temp\ojphx0ijrto\linker.exe
    Faulting module path: unknown
    Report ID: db4edfd3-4baa-4fbe-ab66-65aef83bf60d
    Faulting package full name:
    Faulting package-relative application ID:


    System errors:
    =============
    Error: (01/10/2018 01:50:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/10/2018 01:50:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/10/2018 01:49:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The CldFlt service failed to start due to the following error:
    The request is not supported.

    Error: (01/10/2018 01:49:23 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
    Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

    Error: (01/10/2018 01:48:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The GMain Services AMD service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

    Error: (01/10/2018 01:48:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/10/2018 01:48:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) Content Protection HECI Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/10/2018 01:48:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

    Error: (01/10/2018 01:48:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The Intel(R) Content Protection HDCP Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/10/2018 01:48:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


    CodeIntegrity:
    ===================================
    Date: 2018-01-10 12:55:27.119
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-10 12:50:17.489
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-10 12:32:16.369
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-10 12:11:49.497
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2018-01-10 12:11:49.493
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2018-01-09 18:29:26.217
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-04 11:42:25.183
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2018-01-04 11:42:24.745
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-12-31 17:22:13.853
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-12-31 17:22:13.539
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
    Percentage of memory in use: 23%
    Total physical RAM: 16179.27 MB
    Available physical RAM: 12418.71 MB
    Total Virtual: 19095.27 MB
    Available Virtual: 16039.5 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.02 GB) (Free:775.65 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DDABDAAF)
    Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  5. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    =====================================

    Was the FRST run after running those three:
    RogueKiller
    Malwarebytes
    AdwCleaner
     
  6. ramesh help

    ramesh help Established Techie7 Member

    i did malware as always 1st followed by the rest as usual your steps in providing each flow. during the frst stuck, i skipped and moved to next session. so only this part stuff. I've identified some things that need to be used in the fix list however not sure how to code it for removing it. please help
     
  7. ramesh help

    ramesh help Established Techie7 Member

    i needed immediate assistance cuz machine was running overload suddenly, blue screen & machine kept installing itself the virus file. during removing process almost 10-150 files removed which is infected
     
  8. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Re-run these three:
    RogueKiller
    Malwarebytes
    AdwCleaner
    Post all logs.
     
  9. ramesh help

    ramesh help Established Techie7 Member

    suprised how malware still detecting the same amount of virus.

    Malwarebytes
    www.malwarebytes.com

    -Log Details-
    Scan Date: 1/14/18
    Scan Time: 12:41 PM
    Log File: 3ccfe69a-f8e5-11e7-8f92-701ce7413de9.json
    Administrator: Yes

    -Software Information-
    Version: 3.3.1.2183
    Components Version: 1.0.262
    Update Package Version: 1.0.3690
    License: Free

    -System Information-
    OS: Windows 10 (Build 15063.850)
    CPU: x64
    File System: NTFS
    User: DESKTOP-AG9DEDH\Home

    -Scan Summary-
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 298646
    Threats Detected: 154
    Threats Quarantined: 154
    Time Elapsed: 2 min, 31 sec

    -Scan Options-
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Detect
    PUM: Detect

    -Scan Details-
    Process: 0
    (No malicious items detected)

    Module: 0
    (No malicious items detected)

    Registry Key: 9
    Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Guard, Quarantined, [3656], [477458],1.0.3690
    Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{67F21AD2-06E6-4AEB-9312-7CEF5F4AD529}, Quarantined, [3656], [477458],1.0.3690
    Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{67F21AD2-06E6-4AEB-9312-7CEF5F4AD529}, Quarantined, [3656], [477458],1.0.3690
    Adware.NetAdapter.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\updater, Quarantined, [7368], [477453],1.0.3690
    Adware.NetAdapter.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{869DDEFB-23E6-4733-ADEC-7D7A3A55FA65}, Quarantined, [7368], [477453],1.0.3690
    Adware.NetAdapter.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{869DDEFB-23E6-4733-ADEC-7D7A3A55FA65}, Quarantined, [7368], [477453],1.0.3690
    Adware.NetAdapter.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\updater, Quarantined, [7368], [-1],0.0.0
    Adware.NetAdapter.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{869DDEFB-23E6-4733-ADEC-7D7A3A55FA65}, Quarantined, [7368], [-1],0.0.0
    Adware.NetAdapter.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{869DDEFB-23E6-4733-ADEC-7D7A3A55FA65}, Quarantined, [7368], [-1],0.0.0

    Registry Value: 3
    Adware.NetAdapter, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{67F21AD2-06E6-4AEB-9312-7CEF5F4AD529}|PATH, Quarantined, [3656], [477456],1.0.3690
    Adware.NetAdapter.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{0993E785-4DD7-4E05-9FB5-D040C387DADB}, Quarantined, [14870], [477452],1.0.3690
    Adware.NetAdapter.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{30D879AE-B967-40CB-AABD-17C0325A890F}, Quarantined, [14870], [477452],1.0.3690

    Registry Data: 0
    (No malicious items detected)

    Data Stream: 0
    (No malicious items detected)

    Folder: 63
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\es_419, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en_US, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en_GB, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pt_BR, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pt_PT, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\zh_CN, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\zh_TW, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fil, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\be, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\bg, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\bn, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ca, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\cs, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\da, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\de, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\el, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\es, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\et, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fa, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fi, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fr, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\gu, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\he, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\hr, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\hu, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\id, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\it, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ja, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\kn, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ko, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\lt, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\lv, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\mk, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ml, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\mr, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ms, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\nl, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\no, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pl, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pt, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\hi, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ro, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ru, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sk, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sl, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sq, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sr, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sv, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sw, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ta, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\te, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\th, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\tr, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\uk, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\vi, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\am, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ar, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_metadata, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\icons, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\USERS\HOME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OACPEGAEGONLMNOBKOEIIEGDCCGCMPNJ, Quarantined, [6839], [443170],1.0.3690

    File: 79
    Adware.NetAdapter, C:\WINDOWS\SYSTEM32\TASKS\GUARD, Quarantined, [3656], [477458],1.0.3690
    Adware.NetAdapter, C:\PROGRAM FILES (X86)\SYSTEM NATIVE\MAIN SERVICES\GUARD.EXE, Quarantined, [3656], [477455],1.0.3690
    Adware.NetAdapter.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\updater, Quarantined, [7368], [477453],1.0.3690
    Adware.NetAdapter.TskLnk, C:\PROGRAM FILES (X86)\SYSTEM NATIVE\MAIN SERVICES\UPDATER.EXE, Quarantined, [7368], [477453],1.0.3690
    Adware.NetAdapter.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\updater, Quarantined, [7368], [-1],0.0.0
    Adware.NeoBar.ChrPRST, C:\USERS\HOME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\USERS\HOME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\USERS\HOME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OACPEGAEGONLMNOBKOEIIEGDCCGCMPNJ\1.11.2_0\MANIFEST.JSON, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\icons\icon128.png, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\hi\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\am\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ar\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\be\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\bg\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\bn\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ca\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\cs\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\da\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\de\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\el\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en\background.js, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en\Content.js, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en\foreground.js, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en\Kernel.js, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en\main.css, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en_GB\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\en_US\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\es\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\es_419\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\et\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fa\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fi\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fil\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\fr\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\gu\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\he\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\hr\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\hu\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\id\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\it\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ja\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\kn\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ko\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\lt\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\lv\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\mk\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ml\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\mr\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ms\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\nl\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\no\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pl\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pt\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pt_BR\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\pt_PT\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ro\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ru\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sk\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sl\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sq\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sr\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sv\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\sw\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\ta\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\te\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\th\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\tr\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\uk\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\vi\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\zh_CN\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_locales\zh_TW\messages.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_metadata\computed_hashes.json, Quarantined, [6839], [443170],1.0.3690
    Adware.NeoBar.ChrPRST, C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacpegaegonlmnobkoeiiegdccgcmpnj\1.11.2_0\_metadata\verified_contents.json, Quarantined, [6839], [443170],1.0.3690
    RiskWare.BitCoinMiner, C:\PROGRAMDATA\ROGUEKILLER\QUARANTINE\43C76F4CE57FB18A.VIR, Quarantined, [81], [440074],1.0.3690
    Adware.Neoreklami, C:\USERS\HOME\APPDATA\LOCAL\TEMP\N2RYSSOYX5S\HHUEIQPII.EXE, Quarantined, [348], [477398],1.0.3690
    PUP.Optional.BundleInstaller, C:\USERS\HOME\APPDATA\LOCAL\TEMP\IS-IID85.TMP\SETUP.EXE, Quarantined, [19], [477958],1.0.3690
    PUP.Optional.DriveTheLife, C:\USERS\HOME\APPDATA\LOCAL\TEMP\SMG8D28.TMP\SMG8D28.TMP, Quarantined, [2251], [478126],1.0.3690
    Adware.Neoreklami, C:\USERS\HOME\APPDATA\LOCAL\TEMP\UUJPY1DDS2A\HHUEIQPII.EXE, Quarantined, [348], [477398],1.0.3690

    Physical Sector: 0
    (No malicious items detected)


    (end)
     
  10. ramesh help

    ramesh help Established Techie7 Member

    # AdwCleaner 7.0.6.0 - Logfile created on Sun Jan 14 04:55:47 2018
    # Updated on 2017/21/12 by Malwarebytes
    # Database: 01-11-2018.1
    # Running on Windows 10 Home (X64)
    # Mode: scan
    # Support: https://www.malwarebytes.com/support

    ***** [ Services ] *****

    No malicious services found.

    ***** [ Folders ] *****

    No malicious folders found.

    ***** [ Files ] *****

    No malicious files found.

    ***** [ DLL ] *****

    No malicious DLLs found.

    ***** [ WMI ] *****

    No malicious WMI found.

    ***** [ Shortcuts ] *****

    No malicious shortcuts found.

    ***** [ Tasks ] *****

    No malicious tasks found.

    ***** [ Registry ] *****

    No malicious registry entries found.

    ***** [ Firefox (and derivatives) ] *****

    No malicious Firefox entries.

    ***** [ Chromium (and derivatives) ] *****

    No malicious Chromium entries.

    *************************



    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
     
  11. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    I still need RogueKiller log.
     
  12. ramesh help

    ramesh help Established Techie7 Member

    RogueKiller V12.11.32.0 (x64) [Jan 8 2018] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 10 (10.0.15063) 64 bits version
    Started in : Normal mode
    User : Home [Administrator]
    Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
    Mode : Scan -- Date : 01/14/2018 12:50:13 (Duration : 00:46:24)

    ¤¤¤ Processes : 0 ¤¤¤

    ¤¤¤ Registry : 0 ¤¤¤

    ¤¤¤ Tasks : 0 ¤¤¤

    ¤¤¤ Files : 0 ¤¤¤

    ¤¤¤ WMI : 0 ¤¤¤

    ¤¤¤ Hosts File : 0 ¤¤¤

    ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ MBR Check : ¤¤¤
    +++++ PhysicalDrive0: ST1000LM035-1RK172 +++++
    --- User ---
    [MBR] 5a300ed89915fec2e8ea8f76e2f8ef27
    [BSP] b3545eefbebd2d25221724148919ac76 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 953367 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK
     
  13. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

    • Double click to run it.
    • Make sure you checkmark Addition.txt box.
    • Press Scan button.
    • Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
     
  14. ramesh help

    ramesh help Established Techie7 Member

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2018
    Ran by Home (administrator) on WORKMACHINE (15-01-2018 12:17:56)
    Running from C:\Users\Home\Downloads
    Loaded Profiles: Home & (Available Profiles: Home)
    Platform: Windows 10 Home Version 1703 15063.850 (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxCUIService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHDCPSvc.exe
    (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
    (www.example.com) C:\Program Files (x86)\System Native\Main Services\amd\gservice.exe
    (Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Microsoft Corporation) C:\Windows\System32\Locator.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHeciSvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxEM.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
    (Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    () C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-19] (Microsoft Corporation)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
    HKLM\...\Run: [SERVICE] => [X]
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2142328 2017-12-19] (Logitech, Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-28] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
    Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-01-10]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
    GroupPolicy: Restriction <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\Parameters: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{2932496d-0bdb-11e7-a8ba-806e6f6e6963}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{2eed2ca6-62ae-4832-a2bc-797af511b181}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{3e8cd711-8c03-4497-b0a3-96439e127060}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{3e8cd711-8c03-4497-b0a3-96439e127060}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{7a0aa4d2-5fbf-425e-bb39-0b8e87787ae0}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{89c7d9d2-b82d-4b12-a174-010c1c2aee99}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{be34f7d1-1aa2-4b2b-ba63-83fc4ecd66c2}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{e5f548e5-804e-4ae0-843c-b0a104b797ae}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{ecc22f3c-39b8-4d25-8211-9310c4b0ac91}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{ecc22f3c-39b8-4d25-8211-9310c4b0ac91}: [DhcpNameServer] 8.8.8.8

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-10] (Oracle Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-10] (Oracle Corporation)
    BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-10] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-10] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-28] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)

    Chrome:
    =======
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-01-15]
    CHR Extension: (UROverview) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdamgkgchnbaopmphhjapmjcdghdphi [2018-01-09]
    CHR Extension: (Adblock Plus) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-14]
    CHR Extension: (Tampermonkey) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-10-08]
    CHR Extension: (WME JNF) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnjmbmlldgfomcdmflifibpappdadcm [2017-11-24]
    CHR Extension: (Ads Blocker for Facebook ™) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgjckeibmdfndlflobjhddhmemajjld [2017-12-24]
    CHR Extension: (WME Route Checker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjnhelaghhdbglpieidncdppchpnlfh [2017-09-14]
    CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-24]
    CHR Extension: (Lazada Price Tracker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbffioiakemflkglioiijpfddgahchaf [2018-01-10]
    CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2017-11-24]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-12-25]
    CHR Extension: (WME Toolbox) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihebciailciabdiknfomleeccodkdejn [2017-12-24]
    CHR Extension: (WME Color Highlights) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijnldkoicbhinlgnoigchihmegdjobjc [2017-07-28]
    CHR Extension: (Waze - Google Maps™ link) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jblojdkgpamepmiammlgkkhknojnlmai [2017-08-20]
    CHR Extension: (Torrentz2 Magnet Links +) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldknhpjddofdohocbhakahagoepainmo [2017-12-30]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-24]
    CHR Extension: (RightToCopy) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2018-01-04]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
    R4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
    R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-09] (Intel Corporation)
    R4 gservice.exe; C:\Program Files (x86)\System Native\Main Services\amd\gservice.exe [5931776 2018-01-10] (www.example.com) <==== ATTENTION
    R4 ibtsiva; C:\Windows\system32\ibtsiva.exe [542392 2017-10-18] (Intel Corporation)
    R4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2017-12-14] (Realtek Semiconductor)
    S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-27] (TeamViewer GmbH)
    R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-08] (Waves Audio Ltd.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-19] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
    S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492256 2017-06-14] (Wondershare)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
    R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-09] (Intel Corporation)
    R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-09] (Intel Corporation)
    R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-09] (Intel Corporation)
    R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54816 2016-10-28] (Intel Corporation)
    R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)
    R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-28] (Intel Corporation)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [132104 2017-10-18] (Intel Corporation)
    R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-20] (Intel)
    R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)
    R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-10] (Malwarebytes)
    R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7638536 2017-10-30] (Intel Corporation)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvlddmkm.sys [17028552 2017-12-19] (NVIDIA Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3237312 2017-12-11] (Realtek Semiconductor Corp.)
    S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-19] ()
    S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
    R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-12] (Intel Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-19] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-19] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-19] (Microsoft Corporation)
    S2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2018-01-10] (Basil)
    R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-14] (Zemana Ltd.)
    S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-15 12:17 - 2018-01-15 12:18 - 000021718 _____ C:\Users\Home\Downloads\FRST.txt
    2018-01-15 12:17 - 2018-01-15 12:17 - 002393088 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
    2018-01-15 12:17 - 2018-01-15 12:17 - 000000000 ____D C:\FRST
    2018-01-14 19:41 - 2018-01-14 19:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\FreeFixer
    2018-01-14 19:41 - 2018-01-14 19:50 - 000000000 ____D C:\Users\Home\AppData\Local\FreeFixer
    2018-01-14 19:41 - 2018-01-14 19:50 - 000000000 ____D C:\Program Files\FreeFixer
    2018-01-14 19:40 - 2018-01-14 19:40 - 002736190 _____ (Kephyr) C:\Users\Home\Downloads\freefixersetup.exe
    2018-01-14 19:34 - 2018-01-14 19:34 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2018-01-14 19:33 - 2018-01-14 19:34 - 031622688 _____ (SUPERAntiSpyware) C:\Users\Home\Downloads\SUPERAntiSpyware.exe
    2018-01-14 19:26 - 2018-01-14 19:26 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Home\Downloads\rkill.exe
    2018-01-14 19:20 - 2018-01-14 19:26 - 744487671 _____ C:\Users\Home\Desktop\www.TamilRockers.st - Annadurai (2017)[HDRip - x264 - 700MB - Tamil].mkv
    2018-01-14 19:01 - 2018-01-15 12:18 - 000161611 _____ C:\Windows\ZAM_Guard.krnl.trace
    2018-01-14 19:01 - 2018-01-14 19:36 - 000231206 _____ C:\Windows\ZAM.krnl.trace
    2018-01-14 19:00 - 2018-01-14 19:36 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
    2018-01-14 19:00 - 2018-01-14 19:00 - 006625600 _____ (Zemana Ltd. ) C:\Users\Home\Downloads\Zemana.AntiMalware.Setup.exe
    2018-01-14 19:00 - 2018-01-14 19:00 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
    2018-01-14 19:00 - 2018-01-14 19:00 - 000000000 ____D C:\Users\Home\AppData\Local\Zemana
    2018-01-14 18:59 - 2018-01-14 18:59 - 008198432 _____ (Malwarebytes) C:\Users\Home\Downloads\adwcleaner_7.0.6.0 (1).exe
    2018-01-14 18:51 - 2018-01-14 18:58 - 730658583 _____ C:\Users\Home\Desktop\www.TamilRockers.st - Spyder (2017) Tamil HDRip x264 700MB.mkv
    2018-01-14 18:51 - 2018-01-14 18:57 - 742894207 _____ C:\Users\Home\Desktop\www.TamilRockers.st - Sakka Podu Podu Raja (2017)[HDRip - x264 - 700MB - ESubs - Tamil].mkv
    2018-01-14 18:51 - 2018-01-14 18:51 - 000014844 _____ C:\Users\Home\Downloads\www.TamilRockers.st - Sakka Podu Podu Raja (2017)HDRip - x264 - 700MB - ESubs - Tamil.mkv.torrent
    2018-01-14 18:50 - 2018-01-14 18:50 - 000014324 _____ C:\Users\Home\Downloads\www.TamilRockers.st - Spyder (2017) Tamil HDRip x264 700MB.mkv.torrent
    2018-01-14 16:34 - 2018-01-14 16:34 - 004288071 _____ C:\Users\Home\Downloads\MGT5000_S3_2017_Ramesh_Kasi.docx.pdf
    2018-01-14 14:38 - 2018-01-14 14:38 - 000000000 ____D C:\Users\Home\AppData\Local\SolidDocuments
    2018-01-14 14:09 - 2018-01-14 14:12 - 810299834 _____ C:\Users\Home\Downloads\IZOFILE.COM - Adobe Acrobat Pro DC 2018.009.20044.rar
    2018-01-14 14:08 - 2018-01-14 14:08 - 000586327 _____ ( ) C:\Users\Home\Downloads\Adobe_Acrobat_Pro_Dc_18.009.20050_Crack_2018.exe
    2018-01-14 14:08 - 2018-01-14 14:08 - 000045110 _____ C:\Users\Home\Downloads\Adobe_Acrobat_Pro_DC_2018_Crack.xht
    2018-01-14 14:05 - 2018-01-14 14:05 - 000045111 _____ C:\Users\Home\Downloads\Adobe_Acrobat_Pro_DC_Crack.xht
    2018-01-14 14:05 - 2018-01-14 14:05 - 000023867 _____ C:\Users\Home\Downloads\adobe-acrobat-pro-dc-crack.xht
    2018-01-14 12:53 - 2018-01-14 19:01 - 000000000 ____D C:\AdwCleaner
    2018-01-14 12:50 - 2018-01-14 12:51 - 008198432 _____ (Malwarebytes) C:\Users\Home\Downloads\adwcleaner_7.0.6.0.exe
    2018-01-14 12:49 - 2018-01-14 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2018-01-14 12:49 - 2018-01-14 12:49 - 000000000 ____D C:\Program Files\RogueKiller
    2018-01-14 12:42 - 2018-01-14 12:42 - 033463072 _____ (Adlice Software ) C:\Users\Home\Downloads\setup.exe
    2018-01-14 11:54 - 2018-01-14 11:54 - 000000000 ____D C:\Users\Home\AppData\Roaming\Logishrd
    2018-01-14 11:54 - 2018-01-14 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2018-01-14 11:53 - 2018-01-14 11:53 - 000000000 ____D C:\ProgramData\Logishrd
    2018-01-14 11:53 - 2018-01-14 11:53 - 000000000 ____D C:\Program Files\Logitech
    2018-01-14 11:20 - 2018-01-14 11:30 - 000000000 ____D C:\Program Files\rempl
    2018-01-14 11:17 - 2018-01-14 11:24 - 153191304 _____ (Logitech Inc.) C:\Users\Home\Downloads\Options_6.72.344.exe
    2018-01-10 18:58 - 2018-01-10 18:58 - 000037561 _____ C:\Users\Home\Downloads\1027637329.pdf
    2018-01-10 18:44 - 2018-01-10 18:44 - 000057410 _____ C:\Users\Home\Downloads\KASIK.L.PALANIAPPAN.pdf
    2018-01-10 16:47 - 2018-01-10 16:47 - 000000000 ____D C:\Users\Home\AppData\Roaming\OpenOffice
    2018-01-10 16:41 - 2018-01-10 16:41 - 000000000 ____D C:\Users\Home\Desktop\OpenOffice 4.1.5 (en-US) Installation Files
    2018-01-10 16:37 - 2018-01-10 16:38 - 140756235 _____ C:\Users\Home\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_en-US.exe
    2018-01-10 16:36 - 2018-01-10 16:36 - 000157455 _____ C:\Users\Home\Downloads\competition_rejection 2018-01-10.csv
    2018-01-10 16:03 - 2018-01-10 16:03 - 003022784 _____ C:\Users\Home\Downloads\finance.export.payout 2018-01-10.csv
    2018-01-10 15:23 - 2018-01-10 15:23 - 000003654 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
    2018-01-10 15:23 - 2018-01-10 15:23 - 000001358 _____ C:\DelFix.txt
    2018-01-10 15:23 - 2018-01-10 15:23 - 000000000 ____D C:\Windows\ERUNT
    2018-01-10 14:05 - 2018-01-10 14:05 - 001852992 _____ (Oracle Corporation) C:\Users\Home\Downloads\JavaSetup8u151.exe
    2018-01-10 12:49 - 2018-01-14 12:50 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2018-01-10 12:49 - 2018-01-10 15:22 - 000000000 ____D C:\ProgramData\RogueKiller
    2018-01-10 12:32 - 2018-01-10 13:49 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2018-01-10 12:32 - 2018-01-10 12:32 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2018-01-10 12:32 - 2018-01-10 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-01-10 12:31 - 2018-01-10 12:55 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
    2018-01-10 12:31 - 2018-01-10 12:31 - 083316440 _____ (Malwarebytes ) C:\Users\Home\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
    2018-01-10 12:31 - 2018-01-10 12:31 - 000000000 ____D C:\ProgramData\Malwarebytes
    2018-01-10 12:31 - 2018-01-10 12:31 - 000000000 ____D C:\Program Files\Malwarebytes
    2018-01-10 12:29 - 2018-01-10 12:43 - 000000000 ____D C:\Users\Home\AppData\Roaming\herfhhze0fk
    2018-01-10 12:28 - 2018-01-10 12:28 - 000000000 ____D C:\ProgramData\System Native
    2018-01-10 12:26 - 2018-01-10 12:26 - 000003621 _____ C:\Users\Public\Desktop\R@1n.txt
    2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
    2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 ____D C:\Users\Home\AppData\Local\mpress
    2018-01-10 12:25 - 2018-01-10 12:25 - 000004096 _____ C:\Windows\KMS-R@1nHook.dll
    2018-01-10 12:18 - 2018-01-10 12:43 - 000000328 _____ C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job
    2018-01-10 12:17 - 2018-01-10 12:43 - 000000318 _____ C:\Windows\Tasks\BcyoMZkjXMgFaPP.job
    2018-01-10 12:17 - 2018-01-10 12:17 - 000037552 _____ (Basil) C:\Windows\system32\Drivers\WinDivert64.sys
    2018-01-10 12:16 - 2018-01-10 13:45 - 000000000 ____D C:\Disk
    2018-01-10 12:16 - 2018-01-10 12:43 - 000000000 ____D C:\Users\Home\AppData\Roaming\ka10kqmgpts
    2018-01-10 12:16 - 2018-01-10 12:16 - 000140800 _____ C:\Users\Home\AppData\Local\installer.dat
    2018-01-10 12:16 - 2018-01-10 12:16 - 000000000 ____D C:\Windat
    2018-01-10 12:15 - 2018-01-10 12:43 - 000000000 ____D C:\Program Files (x86)\Multitimer
    2018-01-10 12:14 - 2018-01-10 12:38 - 000000000 ____D C:\WinSys
    2018-01-10 12:14 - 2018-01-10 12:38 - 000000000 ____D C:\Applications
    2018-01-10 12:14 - 2018-01-10 12:28 - 000000258 __RSH C:\ProgramData\ntuser.pol
    2018-01-10 12:14 - 2018-01-10 12:14 - 000000000 ____D C:\Users\Home\AppData\Roaming\System Native
    2018-01-10 12:14 - 2018-01-10 12:14 - 000000000 ____D C:\Program Files (x86)\System Native
    2018-01-10 12:12 - 2018-01-10 12:41 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.2 Final
    2018-01-09 11:17 - 2018-01-09 11:17 - 000000000 ____D C:\Users\Home\Downloads\temp
    2018-01-09 11:16 - 2018-01-14 19:26 - 000000000 ____D C:\Users\Home\Desktop\torrent incomplete
    2018-01-09 11:01 - 2018-01-09 11:05 - 000000000 ____D C:\Users\Home\Downloads\Ferdinand 2017
    2018-01-08 20:54 - 2018-01-08 20:54 - 000037171 _____ C:\Windows\uninstaller.dat
    2018-01-08 10:33 - 2018-01-15 12:15 - 000000000 ____D C:\Users\Home\AppData\Roaming\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\Users\Home\AppData\Local\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\Program Files (x86)\qBittorrent
    2018-01-07 16:48 - 2018-01-07 17:08 - 000001855 _____ C:\Users\Home\Desktop\dsfsdfdsfd.txt
    2018-01-07 10:53 - 2018-01-01 14:03 - 000891904 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
    2018-01-07 10:53 - 2018-01-01 10:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
    2018-01-07 10:53 - 2018-01-01 10:26 - 000107416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000135576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000102808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000052632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
    2018-01-07 10:53 - 2018-01-01 10:22 - 001239448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2018-01-07 10:53 - 2018-01-01 10:22 - 001194784 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2018-01-07 10:53 - 2018-01-01 10:22 - 000181912 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2018-01-07 10:53 - 2018-01-01 10:22 - 000119704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2018-01-07 10:53 - 2018-01-01 10:21 - 000587160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2018-01-07 10:53 - 2018-01-01 10:20 - 000036760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000730008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000164760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000027456 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
    2018-01-07 10:53 - 2018-01-01 10:18 - 000110600 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
    2018-01-07 10:53 - 2018-01-01 10:18 - 000057752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
    2018-01-07 10:53 - 2018-01-01 10:16 - 002672024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2018-01-07 10:53 - 2018-01-01 10:16 - 000610712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2018-01-07 10:53 - 2018-01-01 10:15 - 000083352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2018-01-07 10:53 - 2018-01-01 10:09 - 000070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
    2018-01-07 10:53 - 2018-01-01 10:07 - 000583688 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
    2018-01-07 10:53 - 2018-01-01 10:03 - 000627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
    2018-01-07 10:53 - 2018-01-01 10:03 - 000311704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2018-01-07 10:53 - 2018-01-01 09:52 - 000195768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
    2018-01-07 10:53 - 2018-01-01 09:50 - 000787704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2018-01-07 10:53 - 2018-01-01 09:49 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 005828768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 002167320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 001998416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000433888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000016592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
    2018-01-07 10:53 - 2018-01-01 09:46 - 000702032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2018-01-07 10:53 - 2018-01-01 09:46 - 000087352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
    2018-01-07 10:53 - 2018-01-01 09:45 - 020374424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2018-01-07 10:53 - 2018-01-01 09:45 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2018-01-07 10:53 - 2018-01-01 09:43 - 000558080 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2018-01-07 10:53 - 2018-01-01 09:42 - 000480912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2018-01-07 10:53 - 2018-01-01 09:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
    2018-01-07 10:53 - 2018-01-01 09:41 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
    2018-01-07 10:53 - 2018-01-01 09:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
    2018-01-07 10:53 - 2018-01-01 09:40 - 000130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
    2018-01-07 10:53 - 2018-01-01 09:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
    2018-01-07 10:53 - 2018-01-01 09:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
    2018-01-07 10:53 - 2018-01-01 09:39 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
    2018-01-07 10:53 - 2018-01-01 09:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
    2018-01-07 10:53 - 2018-01-01 09:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
    2018-01-07 10:53 - 2018-01-01 09:38 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
    2018-01-07 10:53 - 2018-01-01 09:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2018-01-07 10:53 - 2018-01-01 09:38 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
    2018-01-07 10:53 - 2018-01-01 09:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
    2018-01-07 10:53 - 2018-01-01 09:37 - 000473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2018-01-07 10:53 - 2018-01-01 09:37 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000343040 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 001627648 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 001177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 001094656 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2018-01-07 10:53 - 2018-01-01 09:32 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
    2018-01-07 10:53 - 2018-01-01 09:32 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3dlg.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000934912 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2018-01-07 10:53 - 2018-01-01 09:31 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2018-01-07 10:53 - 2018-01-01 09:31 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 020514304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2018-01-07 10:53 - 2018-01-01 09:30 - 000432640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000522752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000879104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 005964288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000750592 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2018-01-07 10:53 - 2018-01-01 09:26 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
    2018-01-07 10:53 - 2018-01-01 09:26 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
    2018-01-07 10:53 - 2018-01-01 09:24 - 003651072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2018-01-07 10:53 - 2018-01-01 09:24 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2018-01-07 10:53 - 2018-01-01 09:24 - 000658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2018-01-07 10:53 - 2018-01-01 09:23 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2018-01-07 10:53 - 2018-01-01 09:23 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
    2018-01-07 10:53 - 2018-01-01 09:22 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
    2018-01-07 10:53 - 2018-01-01 09:21 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
    2018-01-07 10:53 - 2018-01-01 09:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvvmtransport.dll
    2018-01-07 10:53 - 2018-01-01 09:20 - 000708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
    2018-01-07 10:53 - 2018-01-01 09:20 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
    2018-01-07 10:53 - 2018-01-01 09:19 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscproxystub.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 001021336 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000751576 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000544152 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000382864 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000264536 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
    2018-01-07 10:52 - 2018-01-01 10:27 - 000066712 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000020376 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
     
  15. ramesh help

    ramesh help Established Techie7 Member

    2018-01-07 10:52 - 2018-01-01 10:27 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
    2018-01-07 10:52 - 2018-01-01 10:25 - 001065608 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2018-01-07 10:52 - 2018-01-01 10:25 - 000900880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 008345496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 002327448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2018-01-07 10:52 - 2018-01-01 10:24 - 001188544 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2018-01-07 10:52 - 2018-01-01 10:24 - 000105880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2018-01-07 10:52 - 2018-01-01 10:24 - 000033688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2018-01-07 10:52 - 2018-01-01 10:23 - 000456088 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2018-01-07 10:52 - 2018-01-01 10:23 - 000386456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2018-01-07 10:52 - 2018-01-01 10:22 - 000503704 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2018-01-07 10:52 - 2018-01-01 10:21 - 000328616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
    2018-01-07 10:52 - 2018-01-01 10:21 - 000063896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
    2018-01-07 10:52 - 2018-01-01 10:20 - 007319912 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 002647216 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 000524760 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 000459160 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
    2018-01-07 10:52 - 2018-01-01 10:19 - 002466392 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000870896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000714648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000643704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000546712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000282520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000247472 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000184728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000118680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000082328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000054168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000018672 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 021354736 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 001146776 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
    2018-01-07 10:52 - 2018-01-01 10:18 - 000966040 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
    2018-01-07 10:52 - 2018-01-01 10:18 - 000822680 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
    2018-01-07 10:52 - 2018-01-01 10:18 - 000316240 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 000175800 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 000059800 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
    2018-01-07 10:52 - 2018-01-01 10:17 - 000154520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2018-01-07 10:52 - 2018-01-01 10:16 - 001107352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2018-01-07 10:52 - 2018-01-01 10:15 - 001396680 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2018-01-07 10:52 - 2018-01-01 10:15 - 000644696 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2018-01-07 10:52 - 2018-01-01 10:14 - 000159640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2018-01-07 10:52 - 2018-01-01 10:10 - 000100800 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
    2018-01-07 10:52 - 2018-01-01 10:09 - 000434072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2018-01-07 10:52 - 2018-01-01 10:09 - 000142744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
    2018-01-07 10:52 - 2018-01-01 10:09 - 000114584 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
    2018-01-07 10:52 - 2018-01-01 10:08 - 001325960 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2018-01-07 10:52 - 2018-01-01 09:52 - 023680512 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
    2018-01-07 10:52 - 2018-01-01 09:44 - 000411184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
    2018-01-07 10:52 - 2018-01-01 09:43 - 003670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2018-01-07 10:52 - 2018-01-01 09:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\container_xml.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2018-01-07 10:52 - 2018-01-01 09:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2018-01-07 10:52 - 2018-01-01 09:40 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
    2018-01-07 10:52 - 2018-01-01 09:39 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2018-01-07 10:52 - 2018-01-01 09:39 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2018-01-07 10:52 - 2018-01-01 09:39 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2018-01-07 10:52 - 2018-01-01 09:39 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2018-01-07 10:52 - 2018-01-01 09:38 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
    2018-01-07 10:52 - 2018-01-01 09:38 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2018-01-07 10:52 - 2018-01-01 09:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2018-01-07 10:52 - 2018-01-01 09:38 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\dot3dlg.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 023683072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2018-01-07 10:52 - 2018-01-01 09:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000741376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2018-01-07 10:52 - 2018-01-01 09:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2018-01-07 10:52 - 2018-01-01 09:34 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2018-01-07 10:52 - 2018-01-01 09:34 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2018-01-07 10:52 - 2018-01-01 09:34 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2018-01-07 10:52 - 2018-01-01 09:33 - 003306496 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2018-01-07 10:52 - 2018-01-01 09:33 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2018-01-07 10:52 - 2018-01-01 09:32 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000970752 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2018-01-07 10:52 - 2018-01-01 09:32 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 007339520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001398272 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001355264 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 012803584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 004719104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 003206656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2018-01-07 10:52 - 2018-01-01 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 002426368 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000755200 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2018-01-07 10:52 - 2018-01-01 09:28 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2018-01-07 10:52 - 2018-01-01 09:28 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2018-01-07 10:52 - 2018-01-01 09:27 - 006249472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
    2018-01-07 10:52 - 2018-01-01 09:26 - 011888640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2018-01-07 10:52 - 2018-01-01 09:26 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2018-01-07 10:52 - 2018-01-01 09:26 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 002010112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2018-01-07 10:52 - 2018-01-01 09:25 - 000824832 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
    2018-01-07 10:52 - 2018-01-01 09:24 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2018-01-07 10:52 - 2018-01-01 09:24 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
    2018-01-07 10:52 - 2018-01-01 09:18 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
    2018-01-05 10:52 - 2018-01-10 11:59 - 000000000 ____D C:\Users\Home\Desktop\chap 2
    2018-01-04 21:18 - 2018-01-04 21:18 - 000142783 _____ C:\Users\Home\Desktop\4D, 5D, 6D Forecast table.pdf
    2018-01-03 15:42 - 2018-01-03 15:42 - 000000000 ____D C:\Users\Home\AppData\Local\VirtualStore
    2018-01-03 14:56 - 2018-01-07 10:06 - 000000000 ____D C:\Users\Home\AppData\Roaming\Syncios Data Transfer
    2018-01-03 14:56 - 2018-01-03 14:56 - 000000000 ____D C:\Users\Home\Documents\Syncios Data Transfer
    2018-01-03 14:56 - 2018-01-03 14:56 - 000000000 ____D C:\Users\Home\.android
    2018-01-03 14:53 - 2018-01-14 20:30 - 000001332 _____ C:\Users\Home\Desktop\Syncios Data Transfer.lnk
    2018-01-03 14:53 - 2018-01-03 14:53 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
    2018-01-03 14:53 - 2018-01-03 14:53 - 000000000 ____D C:\Program Files (x86)\AnvSoft
    2018-01-03 14:46 - 2018-01-03 14:46 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\Program Files\iTunes
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\Program Files\iPod
    2018-01-03 14:45 - 2018-01-03 14:45 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Windows\System32\Tasks\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Users\Home\AppData\Local\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files\Common Files\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files\Bonjour
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files (x86)\Bonjour
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2018-01-03 10:00 - 2018-01-07 09:32 - 000000000 ____D C:\Users\Home\Desktop\exam
    2018-01-03 09:34 - 2018-01-14 14:20 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2018-01-03 09:31 - 2018-01-03 09:31 - 000076484 _____ C:\Users\Home\Desktop\0061066798_MGT5000_Coversheet
    2018-01-03 09:26 - 2018-01-03 09:26 - 000009774 _____ C:\Users\Home\Desktop\USQ Transcirpts score.pdf
    2018-01-02 10:49 - 2018-01-02 10:49 - 000185428 _____ C:\Users\Home\Desktop\AIS Form v21.pdf
    2018-01-02 10:49 - 2018-01-02 10:49 - 000000000 ____D C:\Users\Home\AppData\Local\CEF
    2017-12-31 16:45 - 2017-12-31 16:45 - 000000279 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
    2017-12-30 17:03 - 2017-12-30 17:03 - 000000000 ____D C:\ProgramData\VS Revo Group
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files\Reference Assemblies
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files\MSBuild
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2017-12-29 14:55 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2017-12-29 14:55 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 __SHD C:\ProgramData\ms-drivers
    2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 __SHD C:\ProgramData\icsxml
    2017-12-27 21:55 - 2017-12-27 22:01 - 000000000 ____D C:\Users\Home\AppData\Local\MetaGeek,_LLC
    2017-12-27 21:55 - 2017-12-27 21:55 - 000000000 __SHD C:\Users\Home\AppData\Local\icsxml
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 __SHD C:\Users\Home\AppData\Local\ms-drivers
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 __SHD C:\ProgramData\DIBsection
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Program Files (x86)\MetaGeek
    2017-12-27 09:07 - 2017-12-27 09:07 - 000000000 ___SD C:\Windows\UpdateAssistantV2
    2017-12-26 21:16 - 2017-12-26 21:16 - 000000371 _____ C:\Users\Home\Desktop\job report.txt
    2017-12-26 12:09 - 2018-01-07 09:37 - 000000000 ____D C:\Users\Home\Desktop\job files important documents
    2017-12-26 10:31 - 2017-12-26 10:31 - 000000279 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2017-12-26 10:20 - 2017-12-26 10:20 - 000000000 ____D C:\Users\Home\Tracing
    2017-12-25 08:44 - 2017-11-30 10:58 - 006763128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-12-25 08:44 - 2017-11-30 10:57 - 001123968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2017-12-25 08:44 - 2017-11-30 10:43 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
    2017-12-25 08:44 - 2017-11-30 10:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2017-12-25 08:44 - 2017-11-30 10:42 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
    2017-12-25 08:44 - 2017-11-30 10:42 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx
    2017-12-25 08:44 - 2017-11-30 10:41 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2017-12-25 08:44 - 2017-11-30 10:40 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
    2017-12-25 08:44 - 2017-11-30 10:40 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
    2017-12-25 08:44 - 2017-11-30 10:40 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2017-12-25 08:44 - 2017-11-30 10:38 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
    2017-12-25 08:44 - 2017-11-30 10:38 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
    2017-12-25 08:44 - 2017-11-30 10:36 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
    2017-12-25 08:44 - 2017-11-30 10:34 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2017-12-25 08:44 - 2017-11-17 17:31 - 000223640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
    2017-12-25 08:44 - 2017-11-02 13:04 - 001292360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2017-12-25 08:44 - 2017-11-02 12:49 - 001838848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000613136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000362144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000283544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2017-12-25 08:44 - 2017-11-02 12:45 - 000172952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2017-12-25 08:44 - 2017-11-02 12:45 - 000133896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2017-12-25 08:44 - 2017-11-02 12:44 - 005808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2017-12-25 08:44 - 2017-11-02 12:44 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
    2017-12-25 08:44 - 2017-11-02 12:30 - 000407040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
    2017-12-25 08:44 - 2017-11-02 12:30 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
    2017-12-25 08:44 - 2017-11-02 12:27 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2017-12-25 08:44 - 2017-11-02 12:27 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPKICmdlet.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 000068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
    2017-12-25 08:44 - 2017-11-02 12:25 - 012227072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000680960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
    2017-12-25 08:44 - 2017-11-02 12:22 - 001884160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2017-12-25 08:44 - 2017-11-02 12:22 - 001494528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
    2017-12-25 08:44 - 2017-11-02 12:21 - 004417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2017-12-25 08:44 - 2017-11-02 12:21 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2017-12-25 08:44 - 2017-10-25 15:40 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
    2017-12-25 08:44 - 2017-10-15 23:09 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
    2017-12-25 08:44 - 2017-10-15 23:01 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
    2017-12-25 08:44 - 2017-10-15 22:51 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
    2017-12-25 08:44 - 2017-10-15 22:49 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
    2017-12-25 08:44 - 2017-10-15 22:45 - 001292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
    2017-12-25 08:44 - 2017-10-15 22:44 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
    2017-12-25 08:44 - 2017-10-15 22:42 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2017-12-25 08:44 - 2017-10-15 22:42 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
    2017-12-25 08:44 - 2017-10-15 22:38 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
    2017-12-25 08:41 - 2017-11-30 11:23 - 007910960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2017-12-25 08:41 - 2017-11-30 10:45 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
    2017-12-25 08:41 - 2017-11-30 10:44 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
    2017-12-25 08:41 - 2017-11-30 10:42 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
    2017-12-25 08:41 - 2017-11-30 10:37 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
    2017-12-25 08:41 - 2017-11-30 10:36 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2017-12-25 08:41 - 2017-11-17 16:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-12-25 08:41 - 2017-11-02 13:20 - 000469568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-12-25 08:41 - 2017-11-02 13:13 - 001345600 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2017-12-25 08:41 - 2017-11-02 13:13 - 000095640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
    2017-12-25 08:41 - 2017-11-02 13:12 - 000026472 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2017-12-25 08:41 - 2017-11-02 12:37 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2017-12-25 08:41 - 2017-11-02 12:35 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
    2017-12-25 08:41 - 2017-11-02 12:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2017-12-25 08:41 - 2017-11-02 12:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
    2017-12-25 08:41 - 2017-11-02 12:33 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\CertPKICmdlet.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Storage.dll
    2017-12-25 08:41 - 2017-11-02 12:30 - 000601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
    2017-12-25 08:41 - 2017-11-02 12:30 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
    2017-12-25 08:41 - 2017-11-02 12:29 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
    2017-12-25 08:41 - 2017-11-02 12:27 - 000565248 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
    2017-12-25 08:41 - 2017-11-02 12:27 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
    2017-12-25 08:41 - 2017-11-02 12:26 - 001937408 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2017-12-25 08:41 - 2017-11-02 12:26 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2017-12-25 08:41 - 2017-11-02 12:25 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2017-12-25 08:41 - 2017-11-02 12:25 - 002052608 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2017-12-25 08:41 - 2017-11-02 12:23 - 002449408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2017-12-25 08:41 - 2017-11-02 12:23 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
    2017-12-25 08:41 - 2017-10-15 22:15 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
    2017-12-25 08:41 - 2017-10-15 22:08 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
    2017-12-25 08:41 - 2017-10-15 22:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
    2017-12-25 08:40 - 2017-11-30 11:33 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
    2017-12-25 08:40 - 2017-11-30 11:23 - 001194248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2017-12-25 08:40 - 2017-11-30 10:45 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2017-12-25 08:40 - 2017-11-30 10:44 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
    2017-12-25 08:40 - 2017-11-30 10:43 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2017-12-25 08:40 - 2017-11-30 10:42 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
    2017-12-25 08:40 - 2017-11-30 10:42 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2017-12-25 08:40 - 2017-11-30 10:41 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
    2017-12-25 08:40 - 2017-11-30 10:41 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
    2017-12-25 08:40 - 2017-11-30 10:41 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
    2017-12-25 08:40 - 2017-11-30 10:39 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000678808 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000484248 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000136088 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2017-12-25 08:40 - 2017-11-17 17:46 - 000034712 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
    2017-12-25 08:40 - 2017-11-17 17:39 - 005477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
    2017-12-25 08:40 - 2017-11-17 16:56 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
    2017-12-25 08:40 - 2017-11-02 13:16 - 002398696 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-12-25 08:40 - 2017-11-02 13:13 - 002443672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2017-12-25 08:40 - 2017-11-02 13:12 - 000727336 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2017-12-25 08:40 - 2017-11-02 13:12 - 000412752 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2017-12-25 08:40 - 2017-11-02 13:12 - 000319384 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2017-12-25 08:40 - 2017-11-02 13:12 - 000144248 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2017-12-25 08:40 - 2017-11-02 13:12 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2017-12-25 08:40 - 2017-11-02 13:10 - 006557520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2017-12-25 08:40 - 2017-11-02 13:05 - 000187800 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2017-12-25 08:40 - 2017-11-02 12:37 - 001278976 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2017-12-25 08:40 - 2017-11-02 12:37 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
    2017-12-25 08:40 - 2017-11-02 12:37 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
    2017-12-25 08:40 - 2017-11-02 12:36 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
    2017-12-25 08:40 - 2017-11-02 12:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpstorport.sys
    2017-12-25 08:40 - 2017-11-02 12:34 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
    2017-12-25 08:40 - 2017-11-02 12:33 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
    2017-12-25 08:40 - 2017-11-02 12:33 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
    2017-12-25 08:40 - 2017-11-02 12:31 - 000411648 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2017-12-25 08:40 - 2017-11-02 12:31 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 013381120 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000719872 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000635392 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2017-12-25 08:40 - 2017-11-02 12:28 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
    2017-12-25 08:40 - 2017-11-02 12:27 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
    2017-12-25 08:40 - 2017-11-02 12:26 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
    2017-12-25 08:40 - 2017-11-02 12:26 - 003060224 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
    2017-12-25 08:40 - 2017-11-02 12:25 - 001713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
    2017-12-25 08:40 - 2017-11-02 12:24 - 004707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2017-12-25 08:40 - 2017-11-02 12:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
    2017-12-25 08:40 - 2017-10-15 22:57 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
    2017-12-25 08:40 - 2017-10-15 22:57 - 000409496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2017-12-25 08:40 - 2017-10-15 22:53 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
    2017-12-25 08:40 - 2017-10-15 22:53 - 000387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
    2017-12-25 08:40 - 2017-10-15 22:49 - 000094616 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2017-12-25 08:40 - 2017-10-15 22:14 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
    2017-12-25 08:40 - 2017-10-15 22:13 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
    2017-12-25 08:40 - 2017-10-15 22:10 - 001303040 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
    2017-12-25 08:40 - 2017-10-15 22:05 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
    2017-12-25 08:40 - 2017-10-15 22:02 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
    2017-12-25 08:39 - 2017-11-30 10:39 - 002809344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 002032536 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2017-12-25 08:39 - 2017-11-17 17:46 - 001578904 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000613784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000612248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000379288 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000259992 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000190360 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000067992 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
    2017-12-25 08:39 - 2017-11-02 13:14 - 000667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2017-12-25 08:39 - 2017-11-02 13:13 - 000212888 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
    2017-12-25 08:39 - 2017-11-02 13:12 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
    2017-12-25 08:39 - 2017-11-02 13:12 - 000430848 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2017-12-25 08:39 - 2017-11-02 12:33 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
    2017-12-25 08:39 - 2017-11-02 12:28 - 001468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
    2017-12-25 08:39 - 2017-11-02 12:28 - 000939008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
    2017-12-25 08:39 - 2017-11-02 12:25 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
    2017-12-25 08:39 - 2017-10-15 22:59 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
    2017-12-25 08:39 - 2017-10-15 22:56 - 000872464 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
    2017-12-25 08:39 - 2017-10-15 22:08 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
    2017-12-25 00:59 - 2017-12-25 00:59 - 000000043 _____ C:\Users\Home\AppData\Roaming\WB.CFG
    2017-12-24 18:03 - 2017-12-24 18:03 - 000012214 _____ C:\Users\Home\Desktop\ideas.txt
    2017-12-24 14:21 - 2018-01-14 20:30 - 000001313 _____ C:\Users\Home\Desktop\resmon.lnk
    2017-12-24 13:55 - 2017-12-24 13:55 - 000001400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
    2017-12-24 13:54 - 2017-12-24 13:55 - 000000000 ____D C:\ProgramData\PlugCache
    2017-12-24 13:54 - 2017-12-24 13:54 - 000000000 ____D C:\Users\Home\AppData\Local\DBG
    2017-12-24 13:44 - 2017-12-24 13:44 - 000000000 ____D C:\Users\Home\AppData\Local\ElevatedDiagnostics
    2017-12-24 09:22 - 2018-01-14 12:47 - 000328320 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-12-24 09:01 - 2017-12-24 09:01 - 000000000 _____ C:\Windows\SysWOW64\last.dump
    2017-12-24 08:54 - 2017-12-24 08:54 - 000000000 ____D C:\Program Files\Common Files\Avast Software
    2017-12-24 08:53 - 2017-12-24 08:53 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
    2017-12-24 08:21 - 2017-12-24 08:21 - 000000000 ____D C:\Users\Home\AppData\Local\NVIDIA Corporation
    2017-12-24 00:47 - 2017-12-24 00:47 - 000000000 ____D C:\Program Files\AVAST Software
    2017-12-24 00:46 - 2017-12-24 08:52 - 000000000 ____D C:\ProgramData\AVAST Software
    2017-12-24 00:35 - 2017-12-24 00:35 - 000000000 ____D C:\Users\Home\AppData\Local\Intel
    2017-12-24 00:34 - 2017-12-24 00:34 - 000000000 ____D C:\ProgramData\Intel
    2017-12-24 00:31 - 2017-12-24 00:31 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
    2017-12-24 00:31 - 2017-12-24 00:31 - 000000000 ____D C:\Program Files\Waves
    2017-12-24 00:25 - 2017-12-24 00:25 - 000002446 _____ C:\Users\Home\Desktop\driver udpaet.txt
    2017-12-23 23:41 - 2017-12-23 23:41 - 000000000 ____D C:\Users\Home\Documents\System Report
    2017-12-23 23:38 - 2017-12-23 23:44 - 000000000 ____D C:\Users\Home\AppData\Roaming\FreshDiagnose
    2017-12-23 22:08 - 2017-12-23 22:08 - 000000000 ____D C:\Users\Home\Desktop\New Folder (2)
    2017-12-22 16:23 - 2017-06-28 04:55 - 000191648 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_I2C.sys
    2017-12-22 16:23 - 2017-06-28 04:55 - 000098976 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_GPIO2.sys
    2017-12-22 16:23 - 2017-05-08 19:39 - 001730296 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
    2017-12-22 16:23 - 2017-05-08 19:39 - 000038480 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
    2017-12-22 16:21 - 2017-10-17 00:08 - 000906240 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
    2017-12-22 16:13 - 2017-12-16 08:23 - 040237456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 036350960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 035157488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 029381936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 023267096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 019040512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 013867656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 013255032 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 011781912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 010883744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 004202992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 003817584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 003615032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001990128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438871.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001674736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438871.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001321448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001101104 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001038496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001032688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000980880 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000933360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000794392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000634224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000506864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2017-12-22 16:12 - 2017-12-16 08:23 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
    2017-12-22 16:12 - 2017-12-16 08:23 - 000000669 _____ C:\Windows\system32\nv-vk64.json
    2017-12-22 16:05 - 2017-12-14 03:52 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2017-12-22 16:05 - 2017-12-13 23:08 - 015292305 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
    2017-12-22 16:04 - 2017-12-14 03:55 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 003509168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 001353288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 000691640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2017-12-22 16:04 - 2017-12-14 03:53 - 024910440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
    2017-12-22 16:04 - 2017-12-14 03:53 - 024034024 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
    2017-12-22 16:04 - 2017-12-14 03:52 - 003786672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
    2017-12-22 16:04 - 2017-12-14 03:52 - 003205568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2017-12-22 16:04 - 2017-12-14 03:52 - 002922944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2017-12-22 15:37 - 2017-10-30 04:06 - 013334260 _____ C:\Windows\system32\Drivers\Netwfw04.dat
    2017-12-22 15:24 - 2017-12-11 06:49 - 001132760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsMFT0.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 002650328 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
    2017-12-22 15:24 - 2017-12-11 06:48 - 001980632 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 000666048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP64.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 000577472 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamP.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-15 12:01 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Local\Packages
    2018-01-15 11:58 - 2017-07-13 17:12 - 000000000 ____D C:\Users\Home\AppData\Local\ClassicShell
    2018-01-15 11:51 - 2017-03-18 20:02 - 000000000 ____D C:\Windows\system32\SleepStudy
    2018-01-14 20:30 - 2017-07-15 11:16 - 000001104 _____ C:\Users\Home\Desktop\QuickGamma.lnk
    2018-01-14 19:38 - 2017-07-16 12:34 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
    2018-01-14 19:16 - 2017-03-18 20:12 - 000000000 ____D C:\Users\Home
    2018-01-14 14:38 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Roaming\Adobe
    2018-01-14 12:54 - 2017-03-19 05:01 - 000000000 ____D C:\Windows\INF
    2018-01-14 12:48 - 2017-07-14 03:37 - 000000000 __SHD C:\Users\Home\IntelGraphicsProfiles
    2018-01-14 12:47 - 2017-07-14 03:19 - 000000000 ____D C:\ProgramData\NVIDIA
    2018-01-14 12:47 - 2017-03-18 20:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-01-14 12:46 - 2017-03-18 19:40 - 000262144 _____ C:\Windows\system32\config\BBI
    2018-01-14 11:25 - 2017-03-19 05:03 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-01-14 11:25 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\AppReadiness
    2018-01-10 15:50 - 2017-03-19 04:51 - 000000000 ____D C:\Windows\CbsTemp
    2018-01-10 14:13 - 2017-09-07 20:05 - 000000000 ____D C:\ProgramData\Oracle
    2018-01-10 14:10 - 2017-09-07 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2018-01-10 14:10 - 2017-09-07 20:05 - 000000000 ____D C:\Program Files (x86)\Java
    2018-01-10 14:06 - 2017-09-07 20:06 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2018-01-10 12:41 - 2017-07-13 17:33 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-01-10 12:41 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files\IP Address Messenger
    2018-01-10 12:35 - 2017-03-18 20:11 - 001722872 _____ C:\Windows\system32\PerfStringBackup.INI
    2018-01-10 12:14 - 2017-03-19 05:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
    2018-01-09 21:08 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\rescache
    2018-01-09 19:19 - 2017-03-18 20:13 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ___SD C:\Windows\system32\F12
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\en-GB
    2018-01-09 18:35 - 2017-07-14 22:54 - 000000000 ____D C:\ProgramData\Skype
    2018-01-09 18:30 - 2017-07-26 18:34 - 000000000 ____D C:\Users\Home\Documents\PlagiarismCheckerX
    2018-01-09 18:04 - 2017-07-14 03:25 - 000000000 ____D C:\Users\Home\AppData\Roaming\Skype
    2018-01-08 08:22 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\NDF
    2018-01-05 09:32 - 2017-07-14 03:37 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
    2018-01-05 09:32 - 2017-07-14 03:20 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2018-01-04 15:25 - 2017-07-14 05:46 - 000000000 ____D C:\Users\Home\AppData\LocalLow\uTorrent
    2018-01-04 15:25 - 2017-07-14 05:45 - 000000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
    2018-01-03 15:50 - 2017-07-14 06:09 - 000007582 _____ C:\Users\Home\AppData\Local\Resmon.ResmonCfg
    2018-01-03 15:31 - 2017-07-29 16:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\TeamViewer
    2018-01-03 14:44 - 2017-08-02 21:52 - 000000000 ____D C:\ProgramData\Apple
    2018-01-03 09:37 - 2017-07-13 18:02 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
    2018-01-03 09:37 - 2017-07-13 18:02 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
    2017-12-31 16:39 - 2017-08-18 12:53 - 000000000 ____D C:\Users\Home\Desktop\movies
    2017-12-31 16:39 - 2017-07-21 13:23 - 000000000 ____D C:\Users\Home\Desktop\[backup] edit pics
    2017-12-31 16:32 - 2017-08-03 17:53 - 000000000 ____D C:\Users\Home\Desktop\resume
    2017-12-31 15:26 - 2017-07-14 03:34 - 000000000 ____D C:\Users\Home\Documents\Dell Downloads
    2017-12-29 15:00 - 2017-07-14 03:30 - 000000000 ____D C:\Users\Home\AppData\Local\Deployment
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\SysWOW64\en-GB
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\oobe
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\appraiser
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\ShellExperiences
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\Provisioning
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-12-25 08:24 - 2017-07-14 03:38 - 000000000 ____D C:\ProgramData\Package Cache
    2017-12-25 08:24 - 2017-07-14 03:37 - 000000000 ____D C:\Program Files\Intel
    2017-12-24 12:21 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\LiveKernelReports
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
    2017-12-24 09:20 - 2017-07-13 18:13 - 000000000 ____D C:\Windows\Minidump
    2017-12-24 09:19 - 2017-07-21 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
    2017-12-24 09:10 - 2017-07-29 16:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2017-12-24 08:21 - 2017-08-02 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    2017-12-24 08:21 - 2017-08-02 21:36 - 000000000 ____D C:\Program Files (x86)\Wondershare
    2017-12-24 08:20 - 2017-07-22 16:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\Opera Software
    2017-12-24 08:15 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Local\ConnectedDevicesPlatform
    2017-12-24 00:41 - 2017-07-14 03:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-12-24 00:41 - 2017-07-14 03:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-12-24 00:39 - 2017-07-14 03:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-12-24 00:32 - 2017-07-14 03:34 - 000000000 ____D C:\Windows\system32\RTCOM
    2017-12-24 00:32 - 2017-07-14 03:33 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
    2017-12-24 00:30 - 2017-07-14 03:33 - 000110423 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
    2017-12-24 00:01 - 2017-07-14 04:05 - 000000000 ____D C:\Windows\system32\MRT
    2017-12-23 23:58 - 2017-10-15 16:39 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
    2017-12-23 23:58 - 2017-07-14 04:04 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-12-23 23:56 - 2017-07-14 03:36 - 000000000 ____D C:\Intel
    2017-12-21 12:35 - 2017-10-22 17:41 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2017-12-21 12:35 - 2017-10-22 17:41 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-12-19 21:18 - 2017-12-10 19:13 - 000000000 ____D C:\Users\Home\Desktop\mba files
    2017-12-16 08:23 - 2017-07-14 03:17 - 000048442 _____ C:\Windows\system32\nvinfo.pb
    2017-12-16 08:23 - 2017-07-14 03:13 - 004485376 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2017-12-16 07:15 - 2017-07-14 03:19 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
    2017-12-16 06:34 - 2017-07-14 03:19 - 005964688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 002589168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 001767408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000608056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000450544 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000082928 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll

    ==================== Files in the root of some directories =======

    2017-12-25 00:59 - 2017-12-25 00:59 - 000000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
    2017-07-14 19:46 - 2017-07-14 19:46 - 331479536 _____ () C:\Users\Home\AppData\Local\ACCCx4_1_1_202.zip.aamdownload
    2017-07-14 19:46 - 2017-07-14 19:46 - 000003693 _____ () C:\Users\Home\AppData\Local\ACCCx4_1_1_202.zip.aamdownload.aamd
    2018-01-10 12:16 - 2018-01-10 12:16 - 000140800 _____ () C:\Users\Home\AppData\Local\installer.dat
    2017-07-14 06:09 - 2018-01-03 15:50 - 000007582 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
    2017-07-25 12:45 - 2017-07-25 12:45 - 000000358 _____ () C:\Users\Home\AppData\Local\winconf.pxt

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-01-14 20:41

    ==================== End of FRST.txt ============================
     
  16. ramesh help

    ramesh help Established Techie7 Member

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.01.2018
    Ran by Home (15-01-2018 12:18:51)
    Running from C:\Users\Home\Downloads
    Windows 10 Home Version 1703 15063.850 (X64) (2017-03-18 12:08:04)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3128490503-3481064576-2182703944-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-3128490503-3481064576-2182703944-503 - Limited - Disabled)
    Guest (S-1-5-21-3128490503-3481064576-2182703944-501 - Limited - Disabled)
    Home (S-1-5-21-3128490503-3481064576-2182703944-1001 - Administrator - Enabled) => C:\Users\Home

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    µTorrent (HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
    µTorrent (HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
    Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
    Adobe Flash Plugins (HKLM\...\Adobe Flash Player) (Version: 26.0.0.131 - oszone.net)
    Adobe Photoshop CC 2015.5 (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF02}) (Version: 17.0 - Adobe Systems Incorporated)
    Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    CalMAN RGB (HKLM-x32\...\{a69b63b0-da55-4fc6-abb7-831e1e8686ad}) (Version: 5.8.1.31 - Portrait Displays, Inc) Hidden
    Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
    CR2 Converter (HKLM-x32\...\{775F32A5-7BA0-4717-89D0-32B3EC25B2C9}_is1) (Version: - cr2converter.com)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
    Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Imagenomic Portraiture 3 Plug-in (build 3027) (HKLM\...\Portraiture 3_is1) (Version: 3027 - Team V.R)
    inSSIDer 4 (HKLM-x32\...\{657B6478-2821-4A70-8FB7-996B5611964C}) (Version: 4.2.2.16 - MetaGeek, LLC)
    Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4877 - Intel Corporation)
    Intel® Integrated Sensor Solution (HKLM-x32\...\{b3782b53-1b6c-436a-b0f0-f65d83ae74d9}) (Version: 3.0.30.1119 - Intel Corporation)
    ISS_Drivers_x64 (HKLM\...\{6F91DCD1-30DB-449C-AE79-6948BEB15825}) (Version: 3.0.30.1119 - Intel Corporation) Hidden
    iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
    Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
    Logitech Options (HKLM\...\LogiOptions) (Version: 6.72.344 - Logitech)
    Main Services (HKLM-x32\...\{FDAE3324-375B-40F9-9369-C0F4ABB209B0}) (Version: 1.2.3 - System Native) Hidden <==== ATTENTION
    Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
    Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
    Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e9d78d68-c26c-4da7-9158-99355d8ef3ad}) (Version: 14.10.25017.0 - Microsoft Corporation)
    NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    NVIDIA Update 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation)
    Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
    Plagiarism Checker X (HKLM-x32\...\{B23E0CBF-D5F6-4682-99A0-A32C6FD93B5B}) (Version: 5.1.4 - Plagiarism Checker X, LLC) Hidden
    Plagiarism Checker X (HKLM-x32\...\Plagiarism Checker X 5.1.4) (Version: 5.1.4 - Plagiarism Checker X, LLC)
    qBittorrent 4.0.3 (HKLM-x32\...\qBittorrent) (Version: 4.0.3 - The qBittorrent project)
    QuickGamma 4.0.0.2 (HKLM-x32\...\QuickGamma_is1) (Version: 4.0.0.2 - Eberhard Werle)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8323 - Realtek Semiconductor Corp.)
    Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.16299.11310 - Realtek Semiconductor Corp.)
    RogueKiller version 12.11.32.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.32.0 - Adlice Software)
    SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
    SpectraCal C3 Drivers (HKLM-x32\...\{7B906F27-3A5E-40FB-8784-A9D3EF2A3D7B}) (Version: 1.0.0.2 - Portrait Displays, Inc)
    Syncios Data Transfer 1.6.2 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.6.2 - Anvsoft, Inc.)
    TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.81460 - TeamViewer)
    Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1F3E59DD-7DCE-4103-9528-57DA43134312}) (Version: 2.9.0.0 - Microsoft Corporation)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
    Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
    WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
    ShellIconOverlayIdentifiers: [0TheftProtectionDll] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => -> No File
    ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    ShellIconOverlayIdentifiers-x32-x32-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-19] (Alexander Roshal)
    ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-19] (Alexander Roshal)
    ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxDTCM.dll [2017-11-07] (Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-16] (NVIDIA Corporation)
    ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
    ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
    ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (IvoSoft)
    ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-19] (Alexander Roshal)
    ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-19] (Alexander Roshal)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0EE83E87-D115-40C1-8BB2-79A3A2010273} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
    Task: {3FACB1A5-BF9C-46B0-9FAA-8BF50BFA2B07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
    Task: {4B819D3C-E8C8-46D5-A381-3AC0EF2B14D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
    Task: {5CE6DA7E-9190-4E17-923C-E28B916732F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
    Task: {62153E1A-1E48-4FFD-89FF-FF18F3682009} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
    Task: {769BE428-79FD-436D-B513-9FA7ACFB24F9} - System32\Tasks\R@1n-KMS\Office16ProPlus => wmic [Argument = path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate]
    Task: {7D27993D-3B6C-45ED-AC42-B830EA8A74DE} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-12-14] (Realtek Semiconductor)
    Task: {947B5735-D72C-4505-A3C4-9E6F09744DC7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\BcyoMZkjXMgFaPP.job => C:\Program Files (x86)\umkISPBbU\pAicqM.dll
    Task: C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job => C:\Program Files (x86)\aohGTEheqdnWC\fklFQTu.dll

    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2018-01-10 12:31 - 2018-01-10 12:55 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
    2017-03-19 04:58 - 2017-03-19 04:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
    2017-12-11 11:05 - 2017-12-11 11:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
    2017-12-11 11:05 - 2017-12-11 11:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
    2017-12-18 05:54 - 2017-12-18 05:54 - 017831424 _____ () C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    2017-12-23 22:24 - 2017-12-06 12:24 - 002873688 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\swiftshader\libglesv2.dll
    2017-12-23 22:24 - 2017-12-06 12:24 - 000137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\swiftshader\libegl.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)

    IE trusted site: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\sharepoint.com -> hxxps://cnxmail-files.sharepoint.com
    IE trusted site: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\...\sharepoint.com -> hxxps://cnxmail-files.sharepoint.com

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2017-03-19 05:03 - 2018-01-10 12:15 - 000001320 _____ C:\Windows\system32\Drivers\etc\hosts

    127.0.0.1 cpm.paneladmin.pro
    127.0.0.1 publisher.hmdiadmingate.xyz
    127.0.0.1 hmdicrewtracksystem.xyz
    127.0.0.1 mydownloaddomain.com
    127.0.0.1 linkmate.space
    127.0.0.1 space1.adminpressure.space
    127.0.0.1 trackpressure.website
    127.0.0.1 doctorlink.space
    127.0.0.1 plugpackdownload.net
    127.0.0.1 texttotalk.org
    127.0.0.1 gambling577.xyz
    127.0.0.1 htagdownload.space
    127.0.0.1 mybcnmonetize.com
    127.0.0.1 360devtraking.website
    127.0.0.1 dscdn.pw
    127.0.0.1 bcnmonetize.go2affise.com
    127.0.0.1 beautifllink.xyz

    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749834\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
    HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749865\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\Control Panel\Desktop\\Wallpaper ->
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\Control Panel\Desktop\\Wallpaper ->
    DNS Servers: 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AGSService => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: gservice.exe => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: ibtsiva => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MBAMService => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: TeamViewer => 2
    MSCONFIG\Services: WsAppService => 2
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\...\StartupApproved\Run: => "11f86284"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\...\StartupApproved\Run: => "Skype"
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\...\StartupApproved\Run: => "11f86284"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{9542C8AF-A202-4090-B62E-85858490B6A7}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{A11F7D9F-62CD-4441-AC74-3A0FC3CFCC4D}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{15CD99D4-DF32-44CA-865C-D1B1D7DB5636}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{59A605D8-C085-4239-9DAE-08003EA512EC}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{C7D0D5FD-B0F2-47D7-BB29-2133CD49D754}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{16D6C9C3-E743-4067-9365-59843C988E90}] => (Allow) C:\Users\Home\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{AA068812-7F31-4F85-A4C6-6BE780EBA4C3}] => (Allow) C:\Windows\explorer.exe
    FirewallRules: [{03CC437B-8AA9-434B-BFFE-C0D93E3C1770}] => (Allow) C:\Windows\system32\rundll32.exe
    FirewallRules: [{72531044-EFE8-47C5-961D-129A06EE4FB0}] => (Allow) C:\Windows\explorer.exe
    FirewallRules: [{FDF057F4-FD20-4537-9E75-AF1039E35983}] => (Allow) %APPDATA%\uTorrent\uTorrent.exe
    FirewallRules: [{E90BD0F5-7387-472D-BF31-8341DBB84F34}] => (Allow) %APPDATA%\uTorrent\uTorrent.exe
    FirewallRules: [{4051956F-062F-4857-998A-E6115E18FBF1}] => (Block) C:\Windows\systemapps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
    FirewallRules: [{F519264F-4B8D-4DF9-948F-B3C2F129C7A6}] => (Block) C:\Windows\systemapps\Microsoft.XboxGameCallableUI_cw5n1h2txyewy\XBox.TCUI.exe
    FirewallRules: [{73BEE30A-524B-4A1A-BC90-6D1D21A37AE3}] => (Allow) C:\Program Files (x86)\PlagiarismCheckerX\Plagiarism Checker X.exe
    FirewallRules: [{C2696103-3D7B-499F-A203-A2839ACDAD84}] => (Allow) C:\Program Files (x86)\PlagiarismCheckerX\Update.exe
    FirewallRules: [{8D5A9A95-C417-44A8-B694-9111DDB063C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{48196FF5-E2D8-42D3-8DC1-0FEB6DF4ADC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{B1636E57-E9E7-45C4-A198-5B1C1372304D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{E242D8CC-79F8-4BA6-8A32-C4A3FD0CD8A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{206A96BA-EA9B-4F5A-8901-E54738101CD9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [TCP Query User{C6CADB54-17C3-4640-AAF9-0608262AA132}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
    FirewallRules: [UDP Query User{0FB761A2-635E-4DDC-934A-3913395DE3C6}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe
    FirewallRules: [{5084B41C-12F5-4CC4-B23C-725C9D56AD28}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
    FirewallRules: [{D9D2A184-38A6-47A5-B5CF-1419DC40164A}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
    FirewallRules: [{934A5DD3-46C3-4810-BDE5-9FD3852DC9FA}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
    FirewallRules: [{13250E6E-E3B8-43FF-863C-F90EFDA10058}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{D2CC57E1-12AE-4BB4-AE9D-C776668A7976}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{26D0804E-049E-473B-A8B7-BDA1BB7633E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{B3BEDF1F-35E5-4BDB-A8E3-2CEF53BA8DE0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{48BD8C6D-676D-4A65-8B5E-3EE90107DB36}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{33D47129-48AE-446E-B7FA-02919D9D24F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{31AD12F9-FB16-471F-9882-887F28786D3E}] => (Allow) C:\Program Files (x86)\AnvSoft\Syncios Data Transfer\SynciosTransfer.exe
    FirewallRules: [{C5057683-4008-4977-AE80-ADDB014B9C81}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    FirewallRules: [{8DF18EB0-103C-497F-8B9B-A3F893B8E6B7}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    FirewallRules: [{52ED50F4-5E4D-488F-85A5-DEF2C7CCE28C}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{CDDC7553-D55C-4530-813A-668FE2E20C44}] => (Allow) C:\Windows\System32\rundll32.exe
    FirewallRules: [{4B6B5652-1D62-4196-96F3-3BAFBFD1E135}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE

    ==================== Restore Points =========================

    10-01-2018 15:50:03 Windows Update
    10-01-2018 16:41:31 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    10-01-2018 16:42:03 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    10-01-2018 16:43:57 Installed OpenOffice 4.1.5
    10-01-2018 19:06:36 Removed OpenOffice 4.1.5
    14-01-2018 11:19:34 Windows Update

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/14/2018 09:35:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 620953

    Error: (01/14/2018 09:35:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 620953

    Error: (01/14/2018 09:35:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/14/2018 09:25:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1312

    Error: (01/14/2018 09:25:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1312

    Error: (01/14/2018 09:25:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/14/2018 07:27:50 PM) (Source: ESENT) (EventID: 490) (User: )
    Description: svchost (3536) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

    Error: (01/14/2018 07:27:40 PM) (Source: ESENT) (EventID: 490) (User: )
    Description: svchost (3536) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

    Error: (01/14/2018 07:27:30 PM) (Source: ESENT) (EventID: 490) (User: )
    Description: svchost (3536) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

    Error: (01/14/2018 07:27:20 PM) (Source: ESENT) (EventID: 490) (User: )
    Description: svchost (3536) SRUJet: An attempt to open the file "C:\Windows\system32\SRU\SRUDB.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).


    System errors:
    =============
    Error: (01/15/2018 11:27:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/15/2018 09:58:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/15/2018 09:58:20 AM) (Source: TPM) (EventID: 15) (User: )
    Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

    Error: (01/14/2018 09:35:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/14/2018 07:36:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The ZAM Controller Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (01/14/2018 06:20:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/14/2018 12:47:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/14/2018 12:47:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
    and APPID
    {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
    to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (01/14/2018 12:47:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The CldFlt service failed to start due to the following error:
    The request is not supported.

    Error: (01/14/2018 12:47:11 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
    Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.


    CodeIntegrity:
    ===================================
    Date: 2018-01-10 12:55:27.119
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-10 12:50:17.489
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-10 12:32:16.369
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-10 12:11:49.497
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2018-01-10 12:11:49.493
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2018-01-09 18:29:26.217
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

    Date: 2018-01-04 11:42:25.183
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2018-01-04 11:42:24.745
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-12-31 17:22:13.853
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

    Date: 2017-12-31 17:22:13.539
    Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz
    Percentage of memory in use: 28%
    Total physical RAM: 16179.27 MB
    Available physical RAM: 11505.16 MB
    Total Virtual: 19095.27 MB
    Available Virtual: 14979.07 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:931.02 GB) (Free:774.75 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DDABDAAF)
    Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  17. broni

    broni Malware Annihilator Techie7 Moderator Head Security

    We need to run fix in two steps.

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

    After running the above fix uninstall this unwanted program:

    Main Services

    Then re-run FRST and post fresh logs.
     

    Attached Files:

  18. ramesh help

    ramesh help Established Techie7 Member

    Fix result of Farbar Recovery Scan Tool (x64) Version: 14.01.2018
    Ran by Home (15-01-2018 14:18:14) Run:2
    Running from C:\Users\Home\Downloads
    Loaded Profiles: Home & (Available Profiles: Home)
    Boot Mode: Normal
    ==============================================

    fixlist content:
    *****************
    Main Services (HKLM-x32\...\{FDAE3324-375B-40F9-9369-C0F4ABB209B0}) (Version: 1.2.3 - System Native) Hidden <==== ATTENTION

    *****************

    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDAE3324-375B-40F9-9369-C0F4ABB209B0}\\SystemComponent" => not found

    ==== End of Fixlog 14:18:14 ====
     
  19. ramesh help

    ramesh help Established Techie7 Member

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2018
    Ran by Home (administrator) on WORKMACHINE (15-01-2018 14:23:36)
    Running from C:\Users\Home\Downloads
    Loaded Profiles: Home & (Available Profiles: Home)
    Platform: Windows 10 Home Version 1703 15063.850 (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxCUIService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHDCPSvc.exe
    (Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
    (Intel Corporation) C:\Windows\System32\ibtsiva.exe
    (Microsoft Corporation) C:\Windows\System32\Locator.exe
    (Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHeciSvc.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
    (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxEM.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
    (Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    () C:\Program Files (x86)\qBittorrent\qbittorrent.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
    () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Windows\System32\SrTasks.exe
    (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-19] (Microsoft Corporation)
    HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
    HKLM\...\Run: [SERVICE] => [X]
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2142328 2017-12-19] (Logitech, Inc.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-11-28] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\logon.scr
    Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-01-10]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation)
    GroupPolicy: Restriction <==== ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\Parameters: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{2932496d-0bdb-11e7-a8ba-806e6f6e6963}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{2eed2ca6-62ae-4832-a2bc-797af511b181}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{3e8cd711-8c03-4497-b0a3-96439e127060}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{3e8cd711-8c03-4497-b0a3-96439e127060}: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{7a0aa4d2-5fbf-425e-bb39-0b8e87787ae0}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{89c7d9d2-b82d-4b12-a174-010c1c2aee99}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{be34f7d1-1aa2-4b2b-ba63-83fc4ecd66c2}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{e5f548e5-804e-4ae0-843c-b0a104b797ae}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{ecc22f3c-39b8-4d25-8211-9310c4b0ac91}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{ecc22f3c-39b8-4d25-8211-9310c4b0ac91}: [DhcpNameServer] 8.8.8.8

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    SearchScopes: HKU\S-1-5-21-3128490503-3481064576-2182703944-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01142018124749912 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
    BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
    BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-10] (Oracle Corporation)
    BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-10] (Oracle Corporation)
    BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
    BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-18] (Adobe Systems Incorporated)
    Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-10] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-10] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-28] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)

    Chrome:
    =======
    CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2018-01-15]
    CHR Extension: (UROverview) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\amdamgkgchnbaopmphhjapmjcdghdphi [2018-01-09]
    CHR Extension: (Adblock Plus) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-14]
    CHR Extension: (Tampermonkey) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-10-08]
    CHR Extension: (WME JNF) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnjmbmlldgfomcdmflifibpappdadcm [2017-11-24]
    CHR Extension: (Ads Blocker for Facebook ™) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgjckeibmdfndlflobjhddhmemajjld [2017-12-24]
    CHR Extension: (WME Route Checker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjnhelaghhdbglpieidncdppchpnlfh [2017-09-14]
    CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-24]
    CHR Extension: (Lazada Price Tracker) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbffioiakemflkglioiijpfddgahchaf [2018-01-10]
    CHR Extension: (Video Adblocker for Youtube™ Extension) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2017-11-24]
    CHR Extension: (Social Fixer for Facebook) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2017-12-25]
    CHR Extension: (WME Toolbox) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihebciailciabdiknfomleeccodkdejn [2017-12-24]
    CHR Extension: (WME Color Highlights) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijnldkoicbhinlgnoigchihmegdjobjc [2017-07-28]
    CHR Extension: (Waze - Google Maps™ link) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jblojdkgpamepmiammlgkkhknojnlmai [2017-08-20]
    CHR Extension: (Torrentz2 Magnet Links +) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldknhpjddofdohocbhakahagoepainmo [2017-12-30]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
    CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-24]
    CHR Extension: (RightToCopy) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmcimdddlobkphnofejmeidjblideca [2018-01-04]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
    R4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
    R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-09] (Intel Corporation)
    R4 ibtsiva; C:\Windows\system32\ibtsiva.exe [542392 2017-10-18] (Intel Corporation)
    R4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2017-12-14] (Realtek Semiconductor)
    S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-07-27] (TeamViewer GmbH)
    R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-08] (Waves Audio Ltd.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-19] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
    S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492256 2017-06-14] (Wondershare)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
    R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-09] (Intel Corporation)
    R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-09] (Intel Corporation)
    R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-09] (Intel Corporation)
    R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54816 2016-10-28] (Intel Corporation)
    R3 HID_PCI; C:\Windows\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel)
    R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-28] (Intel Corporation)
    R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [132104 2017-10-18] (Intel Corporation)
    R3 ISH; C:\Windows\System32\drivers\ISH.sys [143984 2016-09-20] (Intel)
    R3 ISH_BusDriver; C:\Windows\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel)
    R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-10] (Malwarebytes)
    R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7638536 2017-10-30] (Intel Corporation)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4308e967c08942e3\nvlddmkm.sys [17028552 2017-12-19] (NVIDIA Corporation)
    R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3237312 2017-12-11] (Realtek Semiconductor Corp.)
    S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-19] ()
    S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
    R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [42000 2017-01-12] (Intel Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-19] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-19] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-19] (Microsoft Corporation)
    S2 WinDivert1.2; C:\Windows\system32\drivers\WinDivert64.sys [37552 2018-01-10] (Basil)
    R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-14] (Zemana Ltd.)
    S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-15 14:19 - 2018-01-15 14:23 - 000021785 _____ C:\Users\Home\Downloads\FRST.txt
    2018-01-15 14:19 - 2018-01-15 14:20 - 000036957 _____ C:\Users\Home\Downloads\Addition.txt
    2018-01-15 14:17 - 2018-01-15 14:18 - 000000628 _____ C:\Users\Home\Downloads\Fixlog.txt
    2018-01-15 12:17 - 2018-01-15 14:23 - 000000000 ____D C:\FRST
    2018-01-15 12:17 - 2018-01-15 12:17 - 002393088 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe
    2018-01-14 19:41 - 2018-01-14 19:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\FreeFixer
    2018-01-14 19:41 - 2018-01-14 19:50 - 000000000 ____D C:\Users\Home\AppData\Local\FreeFixer
    2018-01-14 19:41 - 2018-01-14 19:50 - 000000000 ____D C:\Program Files\FreeFixer
    2018-01-14 19:40 - 2018-01-14 19:40 - 002736190 _____ (Kephyr) C:\Users\Home\Downloads\freefixersetup.exe
    2018-01-14 19:34 - 2018-01-14 19:34 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2018-01-14 19:33 - 2018-01-14 19:34 - 031622688 _____ (SUPERAntiSpyware) C:\Users\Home\Downloads\SUPERAntiSpyware.exe
    2018-01-14 19:26 - 2018-01-14 19:26 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Home\Downloads\rkill.exe
    2018-01-14 19:20 - 2018-01-14 19:26 - 744487671 _____ C:\Users\Home\Desktop\www.TamilRockers.st - Annadurai (2017)[HDRip - x264 - 700MB - Tamil].mkv
    2018-01-14 19:01 - 2018-01-15 14:23 - 000225215 _____ C:\Windows\ZAM_Guard.krnl.trace
    2018-01-14 19:01 - 2018-01-14 19:36 - 000231206 _____ C:\Windows\ZAM.krnl.trace
    2018-01-14 19:00 - 2018-01-14 19:36 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
    2018-01-14 19:00 - 2018-01-14 19:00 - 006625600 _____ (Zemana Ltd. ) C:\Users\Home\Downloads\Zemana.AntiMalware.Setup.exe
    2018-01-14 19:00 - 2018-01-14 19:00 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
    2018-01-14 19:00 - 2018-01-14 19:00 - 000000000 ____D C:\Users\Home\AppData\Local\Zemana
    2018-01-14 18:59 - 2018-01-14 18:59 - 008198432 _____ (Malwarebytes) C:\Users\Home\Downloads\adwcleaner_7.0.6.0 (1).exe
    2018-01-14 18:51 - 2018-01-14 18:58 - 730658583 _____ C:\Users\Home\Desktop\www.TamilRockers.st - Spyder (2017) Tamil HDRip x264 700MB.mkv
    2018-01-14 18:51 - 2018-01-14 18:57 - 742894207 _____ C:\Users\Home\Desktop\www.TamilRockers.st - Sakka Podu Podu Raja (2017)[HDRip - x264 - 700MB - ESubs - Tamil].mkv
    2018-01-14 18:51 - 2018-01-14 18:51 - 000014844 _____ C:\Users\Home\Downloads\www.TamilRockers.st - Sakka Podu Podu Raja (2017)HDRip - x264 - 700MB - ESubs - Tamil.mkv.torrent
    2018-01-14 18:50 - 2018-01-14 18:50 - 000014324 _____ C:\Users\Home\Downloads\www.TamilRockers.st - Spyder (2017) Tamil HDRip x264 700MB.mkv.torrent
    2018-01-14 16:34 - 2018-01-14 16:34 - 004288071 _____ C:\Users\Home\Downloads\MGT5000_S3_2017_Ramesh_Kasi.docx.pdf
    2018-01-14 14:38 - 2018-01-14 14:38 - 000000000 ____D C:\Users\Home\AppData\Local\SolidDocuments
    2018-01-14 14:09 - 2018-01-14 14:12 - 810299834 _____ C:\Users\Home\Downloads\IZOFILE.COM - Adobe Acrobat Pro DC 2018.009.20044.rar
    2018-01-14 14:08 - 2018-01-14 14:08 - 000586327 _____ ( ) C:\Users\Home\Downloads\Adobe_Acrobat_Pro_Dc_18.009.20050_Crack_2018.exe
    2018-01-14 14:08 - 2018-01-14 14:08 - 000045110 _____ C:\Users\Home\Downloads\Adobe_Acrobat_Pro_DC_2018_Crack.xht
    2018-01-14 14:05 - 2018-01-14 14:05 - 000045111 _____ C:\Users\Home\Downloads\Adobe_Acrobat_Pro_DC_Crack.xht
    2018-01-14 14:05 - 2018-01-14 14:05 - 000023867 _____ C:\Users\Home\Downloads\adobe-acrobat-pro-dc-crack.xht
    2018-01-14 12:53 - 2018-01-14 19:01 - 000000000 ____D C:\AdwCleaner
    2018-01-14 12:50 - 2018-01-14 12:51 - 008198432 _____ (Malwarebytes) C:\Users\Home\Downloads\adwcleaner_7.0.6.0.exe
    2018-01-14 12:49 - 2018-01-14 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
    2018-01-14 12:49 - 2018-01-14 12:49 - 000000000 ____D C:\Program Files\RogueKiller
    2018-01-14 12:42 - 2018-01-14 12:42 - 033463072 _____ (Adlice Software ) C:\Users\Home\Downloads\setup.exe
    2018-01-14 11:54 - 2018-01-14 11:54 - 000000000 ____D C:\Users\Home\AppData\Roaming\Logishrd
    2018-01-14 11:54 - 2018-01-14 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
    2018-01-14 11:53 - 2018-01-14 11:53 - 000000000 ____D C:\ProgramData\Logishrd
    2018-01-14 11:53 - 2018-01-14 11:53 - 000000000 ____D C:\Program Files\Logitech
    2018-01-14 11:20 - 2018-01-14 11:30 - 000000000 ____D C:\Program Files\rempl
    2018-01-14 11:17 - 2018-01-14 11:24 - 153191304 _____ (Logitech Inc.) C:\Users\Home\Downloads\Options_6.72.344.exe
    2018-01-10 18:58 - 2018-01-10 18:58 - 000037561 _____ C:\Users\Home\Downloads\1027637329.pdf
    2018-01-10 18:44 - 2018-01-10 18:44 - 000057410 _____ C:\Users\Home\Downloads\KASIK.L.PALANIAPPAN.pdf
    2018-01-10 16:47 - 2018-01-10 16:47 - 000000000 ____D C:\Users\Home\AppData\Roaming\OpenOffice
    2018-01-10 16:41 - 2018-01-10 16:41 - 000000000 ____D C:\Users\Home\Desktop\OpenOffice 4.1.5 (en-US) Installation Files
    2018-01-10 16:37 - 2018-01-10 16:38 - 140756235 _____ C:\Users\Home\Downloads\Apache_OpenOffice_4.1.5_Win_x86_install_en-US.exe
    2018-01-10 16:36 - 2018-01-10 16:36 - 000157455 _____ C:\Users\Home\Downloads\competition_rejection 2018-01-10.csv
    2018-01-10 16:03 - 2018-01-10 16:03 - 003022784 _____ C:\Users\Home\Downloads\finance.export.payout 2018-01-10.csv
    2018-01-10 15:23 - 2018-01-10 15:23 - 000003654 _____ C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask
    2018-01-10 15:23 - 2018-01-10 15:23 - 000001358 _____ C:\DelFix.txt
    2018-01-10 15:23 - 2018-01-10 15:23 - 000000000 ____D C:\Windows\ERUNT
    2018-01-10 14:05 - 2018-01-10 14:05 - 001852992 _____ (Oracle Corporation) C:\Users\Home\Downloads\JavaSetup8u151.exe
    2018-01-10 12:49 - 2018-01-14 12:50 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
    2018-01-10 12:49 - 2018-01-10 15:22 - 000000000 ____D C:\ProgramData\RogueKiller
    2018-01-10 12:32 - 2018-01-10 13:49 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
    2018-01-10 12:32 - 2018-01-10 12:32 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2018-01-10 12:32 - 2018-01-10 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2018-01-10 12:31 - 2018-01-10 12:55 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
    2018-01-10 12:31 - 2018-01-10 12:31 - 083316440 _____ (Malwarebytes ) C:\Users\Home\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
    2018-01-10 12:31 - 2018-01-10 12:31 - 000000000 ____D C:\ProgramData\Malwarebytes
    2018-01-10 12:31 - 2018-01-10 12:31 - 000000000 ____D C:\Program Files\Malwarebytes
    2018-01-10 12:29 - 2018-01-10 12:43 - 000000000 ____D C:\Users\Home\AppData\Roaming\herfhhze0fk
    2018-01-10 12:28 - 2018-01-10 12:28 - 000000000 ____D C:\ProgramData\System Native
    2018-01-10 12:26 - 2018-01-10 12:26 - 000003621 _____ C:\Users\Public\Desktop\R@1n.txt
    2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
    2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 ____D C:\Users\Home\AppData\Local\mpress
    2018-01-10 12:25 - 2018-01-10 12:25 - 000004096 _____ C:\Windows\KMS-R@1nHook.dll
    2018-01-10 12:18 - 2018-01-10 12:43 - 000000328 _____ C:\Windows\Tasks\plaAVjRQXWCDePSecyr.job
    2018-01-10 12:17 - 2018-01-10 12:43 - 000000318 _____ C:\Windows\Tasks\BcyoMZkjXMgFaPP.job
    2018-01-10 12:17 - 2018-01-10 12:17 - 000037552 _____ (Basil) C:\Windows\system32\Drivers\WinDivert64.sys
    2018-01-10 12:16 - 2018-01-10 13:45 - 000000000 ____D C:\Disk
    2018-01-10 12:16 - 2018-01-10 12:43 - 000000000 ____D C:\Users\Home\AppData\Roaming\ka10kqmgpts
    2018-01-10 12:16 - 2018-01-10 12:16 - 000140800 _____ C:\Users\Home\AppData\Local\installer.dat
    2018-01-10 12:16 - 2018-01-10 12:16 - 000000000 ____D C:\Windat
    2018-01-10 12:15 - 2018-01-10 12:43 - 000000000 ____D C:\Program Files (x86)\Multitimer
    2018-01-10 12:14 - 2018-01-10 12:38 - 000000000 ____D C:\WinSys
    2018-01-10 12:14 - 2018-01-10 12:38 - 000000000 ____D C:\Applications
    2018-01-10 12:14 - 2018-01-10 12:28 - 000000258 __RSH C:\ProgramData\ntuser.pol
    2018-01-10 12:14 - 2018-01-10 12:14 - 000000000 ____D C:\Users\Home\AppData\Roaming\System Native
    2018-01-10 12:14 - 2018-01-10 12:14 - 000000000 ____D C:\Program Files (x86)\System Native
    2018-01-10 12:12 - 2018-01-10 12:41 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.2 Final
    2018-01-09 11:17 - 2018-01-09 11:17 - 000000000 ____D C:\Users\Home\Downloads\temp
    2018-01-09 11:16 - 2018-01-14 19:26 - 000000000 ____D C:\Users\Home\Desktop\torrent incomplete
    2018-01-09 11:01 - 2018-01-09 11:05 - 000000000 ____D C:\Users\Home\Downloads\Ferdinand 2017
    2018-01-08 20:54 - 2018-01-08 20:54 - 000037171 _____ C:\Windows\uninstaller.dat
    2018-01-08 10:33 - 2018-01-15 14:17 - 000000000 ____D C:\Users\Home\AppData\Roaming\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\Users\Home\AppData\Local\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
    2018-01-08 10:33 - 2018-01-08 10:33 - 000000000 ____D C:\Program Files (x86)\qBittorrent
    2018-01-07 16:48 - 2018-01-07 17:08 - 000001855 _____ C:\Users\Home\Desktop\dsfsdfdsfd.txt
    2018-01-07 10:53 - 2018-01-01 14:03 - 000891904 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
    2018-01-07 10:53 - 2018-01-01 10:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
    2018-01-07 10:53 - 2018-01-01 10:26 - 000107416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000135576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000102808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
    2018-01-07 10:53 - 2018-01-01 10:24 - 000052632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
    2018-01-07 10:53 - 2018-01-01 10:22 - 001239448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2018-01-07 10:53 - 2018-01-01 10:22 - 001194784 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2018-01-07 10:53 - 2018-01-01 10:22 - 000181912 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2018-01-07 10:53 - 2018-01-01 10:22 - 000119704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2018-01-07 10:53 - 2018-01-01 10:21 - 000587160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
    2018-01-07 10:53 - 2018-01-01 10:20 - 000036760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000730008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000164760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
    2018-01-07 10:53 - 2018-01-01 10:19 - 000027456 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
    2018-01-07 10:53 - 2018-01-01 10:18 - 000110600 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
    2018-01-07 10:53 - 2018-01-01 10:18 - 000057752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
    2018-01-07 10:53 - 2018-01-01 10:16 - 002672024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
    2018-01-07 10:53 - 2018-01-01 10:16 - 000610712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2018-01-07 10:53 - 2018-01-01 10:15 - 000083352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
    2018-01-07 10:53 - 2018-01-01 10:09 - 000070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
    2018-01-07 10:53 - 2018-01-01 10:07 - 000583688 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
    2018-01-07 10:53 - 2018-01-01 10:03 - 000627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
    2018-01-07 10:53 - 2018-01-01 10:03 - 000311704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2018-01-07 10:53 - 2018-01-01 09:52 - 000195768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
    2018-01-07 10:53 - 2018-01-01 09:50 - 000787704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2018-01-07 10:53 - 2018-01-01 09:49 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 005828768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 002167320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2018-01-07 10:53 - 2018-01-01 09:48 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 001998416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000433888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
    2018-01-07 10:53 - 2018-01-01 09:47 - 000016592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
    2018-01-07 10:53 - 2018-01-01 09:46 - 000702032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
    2018-01-07 10:53 - 2018-01-01 09:46 - 000087352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
    2018-01-07 10:53 - 2018-01-01 09:45 - 020374424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2018-01-07 10:53 - 2018-01-01 09:45 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2018-01-07 10:53 - 2018-01-01 09:43 - 000558080 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2018-01-07 10:53 - 2018-01-01 09:42 - 000480912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2018-01-07 10:53 - 2018-01-01 09:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
    2018-01-07 10:53 - 2018-01-01 09:41 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
    2018-01-07 10:53 - 2018-01-01 09:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
    2018-01-07 10:53 - 2018-01-01 09:40 - 000130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
    2018-01-07 10:53 - 2018-01-01 09:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
    2018-01-07 10:53 - 2018-01-01 09:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
    2018-01-07 10:53 - 2018-01-01 09:40 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
    2018-01-07 10:53 - 2018-01-01 09:39 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
    2018-01-07 10:53 - 2018-01-01 09:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
    2018-01-07 10:53 - 2018-01-01 09:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
    2018-01-07 10:53 - 2018-01-01 09:38 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
    2018-01-07 10:53 - 2018-01-01 09:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2018-01-07 10:53 - 2018-01-01 09:38 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
    2018-01-07 10:53 - 2018-01-01 09:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
    2018-01-07 10:53 - 2018-01-01 09:37 - 000473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2018-01-07 10:53 - 2018-01-01 09:37 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2018-01-07 10:53 - 2018-01-01 09:37 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
    2018-01-07 10:53 - 2018-01-01 09:36 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000343040 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
    2018-01-07 10:53 - 2018-01-01 09:35 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2018-01-07 10:53 - 2018-01-01 09:34 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 001627648 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 001177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
    2018-01-07 10:53 - 2018-01-01 09:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 001094656 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2018-01-07 10:53 - 2018-01-01 09:32 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
    2018-01-07 10:53 - 2018-01-01 09:32 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
    2018-01-07 10:53 - 2018-01-01 09:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3dlg.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000934912 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
    2018-01-07 10:53 - 2018-01-01 09:31 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
    2018-01-07 10:53 - 2018-01-01 09:31 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
    2018-01-07 10:53 - 2018-01-01 09:31 - 000173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 020514304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
    2018-01-07 10:53 - 2018-01-01 09:30 - 000432640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2018-01-07 10:53 - 2018-01-01 09:30 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2018-01-07 10:53 - 2018-01-01 09:29 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000522752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
    2018-01-07 10:53 - 2018-01-01 09:28 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000879104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2018-01-07 10:53 - 2018-01-01 09:27 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 005964288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000750592 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
    2018-01-07 10:53 - 2018-01-01 09:26 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
    2018-01-07 10:53 - 2018-01-01 09:26 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
    2018-01-07 10:53 - 2018-01-01 09:26 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
    2018-01-07 10:53 - 2018-01-01 09:24 - 003651072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2018-01-07 10:53 - 2018-01-01 09:24 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2018-01-07 10:53 - 2018-01-01 09:24 - 000658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2018-01-07 10:53 - 2018-01-01 09:23 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2018-01-07 10:53 - 2018-01-01 09:23 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
    2018-01-07 10:53 - 2018-01-01 09:22 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
    2018-01-07 10:53 - 2018-01-01 09:21 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
     
    Last edited: Jan 15, 2018
  20. ramesh help

    ramesh help Established Techie7 Member

    2018-01-07 10:53 - 2018-01-01 09:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvvmtransport.dll
    2018-01-07 10:53 - 2018-01-01 09:20 - 000708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
    2018-01-07 10:53 - 2018-01-01 09:20 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
    2018-01-07 10:53 - 2018-01-01 09:19 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscproxystub.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
    2018-01-07 10:53 - 2018-01-01 09:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 001021336 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000751576 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000544152 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000382864 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000264536 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
    2018-01-07 10:52 - 2018-01-01 10:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
    2018-01-07 10:52 - 2018-01-01 10:27 - 000066712 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000020376 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
    2018-01-07 10:52 - 2018-01-01 10:27 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
    2018-01-07 10:52 - 2018-01-01 10:25 - 001065608 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2018-01-07 10:52 - 2018-01-01 10:25 - 000900880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 008345496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 002327448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2018-01-07 10:52 - 2018-01-01 10:24 - 001188544 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2018-01-07 10:52 - 2018-01-01 10:24 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
    2018-01-07 10:52 - 2018-01-01 10:24 - 000105880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2018-01-07 10:52 - 2018-01-01 10:24 - 000033688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
    2018-01-07 10:52 - 2018-01-01 10:23 - 000456088 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
    2018-01-07 10:52 - 2018-01-01 10:23 - 000386456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
    2018-01-07 10:52 - 2018-01-01 10:22 - 000503704 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2018-01-07 10:52 - 2018-01-01 10:21 - 000328616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
    2018-01-07 10:52 - 2018-01-01 10:21 - 000063896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
    2018-01-07 10:52 - 2018-01-01 10:20 - 007319912 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 002647216 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 000524760 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
    2018-01-07 10:52 - 2018-01-01 10:20 - 000459160 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
    2018-01-07 10:52 - 2018-01-01 10:19 - 002466392 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000870896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000714648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000643704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000546712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000282520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000247472 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
    2018-01-07 10:52 - 2018-01-01 10:19 - 000184728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000118680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000082328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000054168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
    2018-01-07 10:52 - 2018-01-01 10:19 - 000018672 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 021354736 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 001146776 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
    2018-01-07 10:52 - 2018-01-01 10:18 - 000966040 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
    2018-01-07 10:52 - 2018-01-01 10:18 - 000822680 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
    2018-01-07 10:52 - 2018-01-01 10:18 - 000316240 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 000175800 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
    2018-01-07 10:52 - 2018-01-01 10:18 - 000059800 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
    2018-01-07 10:52 - 2018-01-01 10:17 - 000154520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
    2018-01-07 10:52 - 2018-01-01 10:16 - 001107352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
    2018-01-07 10:52 - 2018-01-01 10:15 - 001396680 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2018-01-07 10:52 - 2018-01-01 10:15 - 000644696 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2018-01-07 10:52 - 2018-01-01 10:14 - 000159640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
    2018-01-07 10:52 - 2018-01-01 10:10 - 000100800 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
    2018-01-07 10:52 - 2018-01-01 10:09 - 000434072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
    2018-01-07 10:52 - 2018-01-01 10:09 - 000142744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
    2018-01-07 10:52 - 2018-01-01 10:09 - 000114584 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
    2018-01-07 10:52 - 2018-01-01 10:08 - 001325960 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2018-01-07 10:52 - 2018-01-01 09:52 - 023680512 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
    2018-01-07 10:52 - 2018-01-01 09:44 - 000411184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
    2018-01-07 10:52 - 2018-01-01 09:43 - 003670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2018-01-07 10:52 - 2018-01-01 09:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
    2018-01-07 10:52 - 2018-01-01 09:42 - 000047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
    2018-01-07 10:52 - 2018-01-01 09:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
    2018-01-07 10:52 - 2018-01-01 09:41 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\container_xml.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
    2018-01-07 10:52 - 2018-01-01 09:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
    2018-01-07 10:52 - 2018-01-01 09:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
    2018-01-07 10:52 - 2018-01-01 09:40 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2018-01-07 10:52 - 2018-01-01 09:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
    2018-01-07 10:52 - 2018-01-01 09:39 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
    2018-01-07 10:52 - 2018-01-01 09:39 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
    2018-01-07 10:52 - 2018-01-01 09:39 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
    2018-01-07 10:52 - 2018-01-01 09:39 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
    2018-01-07 10:52 - 2018-01-01 09:39 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
    2018-01-07 10:52 - 2018-01-01 09:38 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
    2018-01-07 10:52 - 2018-01-01 09:38 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2018-01-07 10:52 - 2018-01-01 09:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
    2018-01-07 10:52 - 2018-01-01 09:38 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
    2018-01-07 10:52 - 2018-01-01 09:38 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\dot3dlg.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 023683072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
    2018-01-07 10:52 - 2018-01-01 09:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
    2018-01-07 10:52 - 2018-01-01 09:37 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2018-01-07 10:52 - 2018-01-01 09:36 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000741376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2018-01-07 10:52 - 2018-01-01 09:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
    2018-01-07 10:52 - 2018-01-01 09:35 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
    2018-01-07 10:52 - 2018-01-01 09:34 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
    2018-01-07 10:52 - 2018-01-01 09:34 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2018-01-07 10:52 - 2018-01-01 09:34 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
    2018-01-07 10:52 - 2018-01-01 09:34 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
    2018-01-07 10:52 - 2018-01-01 09:33 - 003306496 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
    2018-01-07 10:52 - 2018-01-01 09:33 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
    2018-01-07 10:52 - 2018-01-01 09:33 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2018-01-07 10:52 - 2018-01-01 09:32 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000970752 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2018-01-07 10:52 - 2018-01-01 09:32 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2018-01-07 10:52 - 2018-01-01 09:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 007339520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001398272 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 001355264 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
    2018-01-07 10:52 - 2018-01-01 09:31 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 012803584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 004719104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 003206656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
    2018-01-07 10:52 - 2018-01-01 09:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
    2018-01-07 10:52 - 2018-01-01 09:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 002426368 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000755200 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
    2018-01-07 10:52 - 2018-01-01 09:29 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2018-01-07 10:52 - 2018-01-01 09:28 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2018-01-07 10:52 - 2018-01-01 09:28 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2018-01-07 10:52 - 2018-01-01 09:27 - 006249472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
    2018-01-07 10:52 - 2018-01-01 09:26 - 011888640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2018-01-07 10:52 - 2018-01-01 09:26 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
    2018-01-07 10:52 - 2018-01-01 09:26 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 002010112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2018-01-07 10:52 - 2018-01-01 09:25 - 000824832 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
    2018-01-07 10:52 - 2018-01-01 09:25 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
    2018-01-07 10:52 - 2018-01-01 09:24 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2018-01-07 10:52 - 2018-01-01 09:24 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
    2018-01-07 10:52 - 2018-01-01 09:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
    2018-01-07 10:52 - 2018-01-01 09:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
    2018-01-07 10:52 - 2018-01-01 09:18 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
    2018-01-05 10:52 - 2018-01-10 11:59 - 000000000 ____D C:\Users\Home\Desktop\chap 2
    2018-01-04 21:18 - 2018-01-04 21:18 - 000142783 _____ C:\Users\Home\Desktop\4D, 5D, 6D Forecast table.pdf
    2018-01-03 15:42 - 2018-01-03 15:42 - 000000000 ____D C:\Users\Home\AppData\Local\VirtualStore
    2018-01-03 14:56 - 2018-01-07 10:06 - 000000000 ____D C:\Users\Home\AppData\Roaming\Syncios Data Transfer
    2018-01-03 14:56 - 2018-01-03 14:56 - 000000000 ____D C:\Users\Home\Documents\Syncios Data Transfer
    2018-01-03 14:56 - 2018-01-03 14:56 - 000000000 ____D C:\Users\Home\.android
    2018-01-03 14:53 - 2018-01-14 20:30 - 000001332 _____ C:\Users\Home\Desktop\Syncios Data Transfer.lnk
    2018-01-03 14:53 - 2018-01-03 14:53 - 000000000 ____D C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
    2018-01-03 14:53 - 2018-01-03 14:53 - 000000000 ____D C:\Program Files (x86)\AnvSoft
    2018-01-03 14:46 - 2018-01-03 14:46 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\Program Files\iTunes
    2018-01-03 14:46 - 2018-01-03 14:46 - 000000000 ____D C:\Program Files\iPod
    2018-01-03 14:45 - 2018-01-03 14:45 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Windows\System32\Tasks\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Users\Home\AppData\Local\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files\Common Files\Apple
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files\Bonjour
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files (x86)\Bonjour
    2018-01-03 14:45 - 2018-01-03 14:45 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
    2018-01-03 10:00 - 2018-01-07 09:32 - 000000000 ____D C:\Users\Home\Desktop\exam
    2018-01-03 09:34 - 2018-01-14 14:20 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2018-01-03 09:31 - 2018-01-03 09:31 - 000076484 _____ C:\Users\Home\Desktop\0061066798_MGT5000_Coversheet
    2018-01-03 09:26 - 2018-01-03 09:26 - 000009774 _____ C:\Users\Home\Desktop\USQ Transcirpts score.pdf
    2018-01-02 10:49 - 2018-01-02 10:49 - 000185428 _____ C:\Users\Home\Desktop\AIS Form v21.pdf
    2018-01-02 10:49 - 2018-01-02 10:49 - 000000000 ____D C:\Users\Home\AppData\Local\CEF
    2017-12-31 16:45 - 2017-12-31 16:45 - 000000279 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
    2017-12-30 17:03 - 2017-12-30 17:03 - 000000000 ____D C:\ProgramData\VS Revo Group
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files\Reference Assemblies
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files\MSBuild
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
    2017-12-29 14:57 - 2017-12-29 14:57 - 000000000 ____D C:\Program Files (x86)\MSBuild
    2017-12-29 14:55 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
    2017-12-29 14:55 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
    2017-12-29 14:55 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 __SHD C:\ProgramData\ms-drivers
    2017-12-27 21:59 - 2017-12-27 21:59 - 000000000 __SHD C:\ProgramData\icsxml
    2017-12-27 21:55 - 2017-12-27 22:01 - 000000000 ____D C:\Users\Home\AppData\Local\MetaGeek,_LLC
    2017-12-27 21:55 - 2017-12-27 21:55 - 000000000 __SHD C:\Users\Home\AppData\Local\icsxml
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 __SHD C:\Users\Home\AppData\Local\ms-drivers
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 __SHD C:\ProgramData\DIBsection
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
    2017-12-27 21:54 - 2017-12-27 21:54 - 000000000 ____D C:\Program Files (x86)\MetaGeek
    2017-12-27 09:07 - 2017-12-27 09:07 - 000000000 ___SD C:\Windows\UpdateAssistantV2
    2017-12-26 21:16 - 2017-12-26 21:16 - 000000371 _____ C:\Users\Home\Desktop\job report.txt
    2017-12-26 12:09 - 2018-01-07 09:37 - 000000000 ____D C:\Users\Home\Desktop\job files important documents
    2017-12-26 10:31 - 2017-12-26 10:31 - 000000279 _____ C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
    2017-12-26 10:20 - 2017-12-26 10:20 - 000000000 ____D C:\Users\Home\Tracing
    2017-12-25 08:44 - 2017-11-30 10:58 - 006763128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2017-12-25 08:44 - 2017-11-30 10:57 - 001123968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
    2017-12-25 08:44 - 2017-11-30 10:43 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
    2017-12-25 08:44 - 2017-11-30 10:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2017-12-25 08:44 - 2017-11-30 10:42 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
    2017-12-25 08:44 - 2017-11-30 10:42 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx
    2017-12-25 08:44 - 2017-11-30 10:41 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    2017-12-25 08:44 - 2017-11-30 10:40 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
    2017-12-25 08:44 - 2017-11-30 10:40 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
    2017-12-25 08:44 - 2017-11-30 10:40 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
    2017-12-25 08:44 - 2017-11-30 10:38 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
    2017-12-25 08:44 - 2017-11-30 10:38 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
    2017-12-25 08:44 - 2017-11-30 10:36 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
    2017-12-25 08:44 - 2017-11-30 10:34 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
    2017-12-25 08:44 - 2017-11-17 17:31 - 000223640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
    2017-12-25 08:44 - 2017-11-02 13:04 - 001292360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
    2017-12-25 08:44 - 2017-11-02 12:49 - 001838848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000613136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000362144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000354360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2017-12-25 08:44 - 2017-11-02 12:45 - 000283544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
    2017-12-25 08:44 - 2017-11-02 12:45 - 000172952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
    2017-12-25 08:44 - 2017-11-02 12:45 - 000133896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
    2017-12-25 08:44 - 2017-11-02 12:44 - 005808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
    2017-12-25 08:44 - 2017-11-02 12:44 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
    2017-12-25 08:44 - 2017-11-02 12:30 - 000407040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
    2017-12-25 08:44 - 2017-11-02 12:30 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
    2017-12-25 08:44 - 2017-11-02 12:27 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
    2017-12-25 08:44 - 2017-11-02 12:27 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPKICmdlet.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 000371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
    2017-12-25 08:44 - 2017-11-02 12:26 - 000068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
    2017-12-25 08:44 - 2017-11-02 12:25 - 012227072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
    2017-12-25 08:44 - 2017-11-02 12:24 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000680960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
    2017-12-25 08:44 - 2017-11-02 12:23 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
    2017-12-25 08:44 - 2017-11-02 12:22 - 001884160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
    2017-12-25 08:44 - 2017-11-02 12:22 - 001494528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
    2017-12-25 08:44 - 2017-11-02 12:21 - 004417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
    2017-12-25 08:44 - 2017-11-02 12:21 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
    2017-12-25 08:44 - 2017-10-25 15:40 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
    2017-12-25 08:44 - 2017-10-15 23:09 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
    2017-12-25 08:44 - 2017-10-15 23:01 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
    2017-12-25 08:44 - 2017-10-15 22:51 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
    2017-12-25 08:44 - 2017-10-15 22:49 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
    2017-12-25 08:44 - 2017-10-15 22:45 - 001292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
    2017-12-25 08:44 - 2017-10-15 22:44 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
    2017-12-25 08:44 - 2017-10-15 22:42 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
    2017-12-25 08:44 - 2017-10-15 22:42 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
    2017-12-25 08:44 - 2017-10-15 22:38 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
    2017-12-25 08:41 - 2017-11-30 11:23 - 007910960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
    2017-12-25 08:41 - 2017-11-30 10:45 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
    2017-12-25 08:41 - 2017-11-30 10:44 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
    2017-12-25 08:41 - 2017-11-30 10:42 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
    2017-12-25 08:41 - 2017-11-30 10:37 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
    2017-12-25 08:41 - 2017-11-30 10:36 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
    2017-12-25 08:41 - 2017-11-17 16:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-12-25 08:41 - 2017-11-02 13:20 - 000469568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-12-25 08:41 - 2017-11-02 13:13 - 001345600 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
    2017-12-25 08:41 - 2017-11-02 13:13 - 000095640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
    2017-12-25 08:41 - 2017-11-02 13:12 - 000026472 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2017-12-25 08:41 - 2017-11-02 12:37 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
    2017-12-25 08:41 - 2017-11-02 12:35 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
    2017-12-25 08:41 - 2017-11-02 12:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
    2017-12-25 08:41 - 2017-11-02 12:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\SharedPCCSP.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2017-12-25 08:41 - 2017-11-02 12:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
    2017-12-25 08:41 - 2017-11-02 12:33 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\CertPKICmdlet.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2017-12-25 08:41 - 2017-11-02 12:32 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Storage.dll
    2017-12-25 08:41 - 2017-11-02 12:30 - 000601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
    2017-12-25 08:41 - 2017-11-02 12:30 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
    2017-12-25 08:41 - 2017-11-02 12:29 - 000415232 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
    2017-12-25 08:41 - 2017-11-02 12:27 - 000565248 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
    2017-12-25 08:41 - 2017-11-02 12:27 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
    2017-12-25 08:41 - 2017-11-02 12:26 - 001937408 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
    2017-12-25 08:41 - 2017-11-02 12:26 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2017-12-25 08:41 - 2017-11-02 12:25 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2017-12-25 08:41 - 2017-11-02 12:25 - 002052608 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
    2017-12-25 08:41 - 2017-11-02 12:23 - 002449408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2017-12-25 08:41 - 2017-11-02 12:23 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
    2017-12-25 08:41 - 2017-10-15 22:15 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
    2017-12-25 08:41 - 2017-10-15 22:08 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
    2017-12-25 08:41 - 2017-10-15 22:00 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
    2017-12-25 08:40 - 2017-11-30 11:33 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
    2017-12-25 08:40 - 2017-11-30 11:23 - 001194248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
    2017-12-25 08:40 - 2017-11-30 10:45 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2017-12-25 08:40 - 2017-11-30 10:44 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
    2017-12-25 08:40 - 2017-11-30 10:43 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
    2017-12-25 08:40 - 2017-11-30 10:42 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
    2017-12-25 08:40 - 2017-11-30 10:42 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
    2017-12-25 08:40 - 2017-11-30 10:41 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
    2017-12-25 08:40 - 2017-11-30 10:41 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
    2017-12-25 08:40 - 2017-11-30 10:41 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
    2017-12-25 08:40 - 2017-11-30 10:39 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000678808 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000484248 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
    2017-12-25 08:40 - 2017-11-17 17:46 - 000136088 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
    2017-12-25 08:40 - 2017-11-17 17:46 - 000034712 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
    2017-12-25 08:40 - 2017-11-17 17:39 - 005477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
    2017-12-25 08:40 - 2017-11-17 16:56 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
    2017-12-25 08:40 - 2017-11-02 13:16 - 002398696 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-12-25 08:40 - 2017-11-02 13:13 - 002443672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
    2017-12-25 08:40 - 2017-11-02 13:12 - 000727336 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
    2017-12-25 08:40 - 2017-11-02 13:12 - 000412752 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
    2017-12-25 08:40 - 2017-11-02 13:12 - 000319384 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
    2017-12-25 08:40 - 2017-11-02 13:12 - 000144248 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
    2017-12-25 08:40 - 2017-11-02 13:12 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2017-12-25 08:40 - 2017-11-02 13:10 - 006557520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
    2017-12-25 08:40 - 2017-11-02 13:05 - 000187800 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
    2017-12-25 08:40 - 2017-11-02 12:37 - 001278976 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
    2017-12-25 08:40 - 2017-11-02 12:37 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
    2017-12-25 08:40 - 2017-11-02 12:37 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
    2017-12-25 08:40 - 2017-11-02 12:36 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
    2017-12-25 08:40 - 2017-11-02 12:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpstorport.sys
    2017-12-25 08:40 - 2017-11-02 12:34 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
    2017-12-25 08:40 - 2017-11-02 12:33 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
    2017-12-25 08:40 - 2017-11-02 12:33 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
    2017-12-25 08:40 - 2017-11-02 12:31 - 000411648 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2017-12-25 08:40 - 2017-11-02 12:31 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 013381120 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000719872 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000635392 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
    2017-12-25 08:40 - 2017-11-02 12:30 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
    2017-12-25 08:40 - 2017-11-02 12:28 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
    2017-12-25 08:40 - 2017-11-02 12:27 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
    2017-12-25 08:40 - 2017-11-02 12:26 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
    2017-12-25 08:40 - 2017-11-02 12:26 - 003060224 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
    2017-12-25 08:40 - 2017-11-02 12:25 - 001713664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
    2017-12-25 08:40 - 2017-11-02 12:24 - 004707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
    2017-12-25 08:40 - 2017-11-02 12:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
    2017-12-25 08:40 - 2017-10-15 22:57 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
    2017-12-25 08:40 - 2017-10-15 22:57 - 000409496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
    2017-12-25 08:40 - 2017-10-15 22:53 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
    2017-12-25 08:40 - 2017-10-15 22:53 - 000387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
    2017-12-25 08:40 - 2017-10-15 22:49 - 000094616 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2017-12-25 08:40 - 2017-10-15 22:14 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
    2017-12-25 08:40 - 2017-10-15 22:13 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
    2017-12-25 08:40 - 2017-10-15 22:10 - 001303040 _____ (Microsoft Corporation) C:\Windows\system32\MSVPXENC.dll
    2017-12-25 08:40 - 2017-10-15 22:05 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
    2017-12-25 08:40 - 2017-10-15 22:02 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\LocationFrameworkInternalPS.dll
    2017-12-25 08:39 - 2017-11-30 10:39 - 002809344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 002032536 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2017-12-25 08:39 - 2017-11-17 17:46 - 001578904 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000613784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000612248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000379288 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000259992 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000190360 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2017-12-25 08:39 - 2017-11-17 17:46 - 000067992 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
    2017-12-25 08:39 - 2017-11-02 13:14 - 000667040 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
    2017-12-25 08:39 - 2017-11-02 13:13 - 000212888 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
    2017-12-25 08:39 - 2017-11-02 13:12 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
    2017-12-25 08:39 - 2017-11-02 13:12 - 000430848 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2017-12-25 08:39 - 2017-11-02 12:33 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
    2017-12-25 08:39 - 2017-11-02 12:28 - 001468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
    2017-12-25 08:39 - 2017-11-02 12:28 - 000939008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
    2017-12-25 08:39 - 2017-11-02 12:25 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
    2017-12-25 08:39 - 2017-10-15 22:59 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
    2017-12-25 08:39 - 2017-10-15 22:56 - 000872464 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
    2017-12-25 08:39 - 2017-10-15 22:08 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
    2017-12-25 00:59 - 2017-12-25 00:59 - 000000043 _____ C:\Users\Home\AppData\Roaming\WB.CFG
    2017-12-24 18:03 - 2017-12-24 18:03 - 000012214 _____ C:\Users\Home\Desktop\ideas.txt
    2017-12-24 14:21 - 2018-01-14 20:30 - 000001313 _____ C:\Users\Home\Desktop\resmon.lnk
    2017-12-24 13:55 - 2017-12-24 13:55 - 000001400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
    2017-12-24 13:54 - 2017-12-24 13:55 - 000000000 ____D C:\ProgramData\PlugCache
    2017-12-24 13:54 - 2017-12-24 13:54 - 000000000 ____D C:\Users\Home\AppData\Local\DBG
    2017-12-24 13:44 - 2017-12-24 13:44 - 000000000 ____D C:\Users\Home\AppData\Local\ElevatedDiagnostics
    2017-12-24 09:22 - 2018-01-14 12:47 - 000328320 _____ C:\Windows\system32\FNTCACHE.DAT
    2017-12-24 09:01 - 2017-12-24 09:01 - 000000000 _____ C:\Windows\SysWOW64\last.dump
    2017-12-24 08:54 - 2017-12-24 08:54 - 000000000 ____D C:\Program Files\Common Files\Avast Software
    2017-12-24 08:53 - 2017-12-24 08:53 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
    2017-12-24 08:21 - 2017-12-24 08:21 - 000000000 ____D C:\Users\Home\AppData\Local\NVIDIA Corporation
    2017-12-24 00:47 - 2017-12-24 00:47 - 000000000 ____D C:\Program Files\AVAST Software
    2017-12-24 00:46 - 2017-12-24 08:52 - 000000000 ____D C:\ProgramData\AVAST Software
    2017-12-24 00:35 - 2017-12-24 00:35 - 000000000 ____D C:\Users\Home\AppData\Local\Intel
    2017-12-24 00:34 - 2017-12-24 00:34 - 000000000 ____D C:\ProgramData\Intel
    2017-12-24 00:31 - 2017-12-24 00:31 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
    2017-12-24 00:31 - 2017-12-24 00:31 - 000000000 ____D C:\Program Files\Waves
    2017-12-24 00:25 - 2017-12-24 00:25 - 000002446 _____ C:\Users\Home\Desktop\driver udpaet.txt
    2017-12-23 23:41 - 2017-12-23 23:41 - 000000000 ____D C:\Users\Home\Documents\System Report
    2017-12-23 23:38 - 2017-12-23 23:44 - 000000000 ____D C:\Users\Home\AppData\Roaming\FreshDiagnose
    2017-12-23 22:08 - 2017-12-23 22:08 - 000000000 ____D C:\Users\Home\Desktop\New Folder (2)
    2017-12-22 16:23 - 2017-06-28 04:55 - 000191648 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_I2C.sys
    2017-12-22 16:23 - 2017-06-28 04:55 - 000098976 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaLPSS2_GPIO2.sys
    2017-12-22 16:23 - 2017-05-08 19:39 - 001730296 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
    2017-12-22 16:23 - 2017-05-08 19:39 - 000038480 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
    2017-12-22 16:21 - 2017-10-17 00:08 - 000906240 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
    2017-12-22 16:13 - 2017-12-16 08:23 - 040237456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 036350960 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 035157488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 029381936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 023267096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 019040512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 013867656 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 013255032 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 011781912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 010883744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 004202992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 003817584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 003615032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001990128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438871.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001674736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438871.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001321448 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001135464 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001101104 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001038496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 001032688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000980880 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000933360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000794392 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000634224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
    2017-12-22 16:13 - 2017-12-16 08:23 - 000506864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
    2017-12-22 16:12 - 2017-12-16 08:23 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
    2017-12-22 16:12 - 2017-12-16 08:23 - 000000669 _____ C:\Windows\system32\nv-vk64.json
    2017-12-22 16:05 - 2017-12-14 03:52 - 003677120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
    2017-12-22 16:05 - 2017-12-13 23:08 - 015292305 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
    2017-12-22 16:04 - 2017-12-14 03:55 - 000343672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 003509168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 001353288 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
    2017-12-22 16:04 - 2017-12-14 03:54 - 000691640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
    2017-12-22 16:04 - 2017-12-14 03:53 - 024910440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
    2017-12-22 16:04 - 2017-12-14 03:53 - 024034024 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
    2017-12-22 16:04 - 2017-12-14 03:52 - 003786672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioMeters64.exe
    2017-12-22 16:04 - 2017-12-14 03:52 - 003205568 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
    2017-12-22 16:04 - 2017-12-14 03:52 - 002922944 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
    2017-12-22 15:37 - 2017-10-30 04:06 - 013334260 _____ C:\Windows\system32\Drivers\Netwfw04.dat
    2017-12-22 15:24 - 2017-12-11 06:49 - 001132760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsMFT0.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 002650328 _____ (Realtek Semiconductor Corp.) C:\Windows\RtCamU64.exe
    2017-12-22 15:24 - 2017-12-11 06:48 - 001980632 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsDecode.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 000666048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtCamP64.dll
    2017-12-22 15:24 - 2017-12-11 06:48 - 000577472 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtCamP.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-01-15 14:22 - 2017-07-13 17:12 - 000000000 ____D C:\Users\Home\AppData\Local\ClassicShell
    2018-01-15 13:42 - 2017-03-18 20:02 - 000000000 ____D C:\Windows\system32\SleepStudy
    2018-01-15 12:48 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Local\Packages
    2018-01-14 20:30 - 2017-07-15 11:16 - 000001104 _____ C:\Users\Home\Desktop\QuickGamma.lnk
    2018-01-14 19:38 - 2017-07-16 12:34 - 000000000 ____D C:\Users\Home\AppData\Roaming\vlc
    2018-01-14 19:16 - 2017-03-18 20:12 - 000000000 ____D C:\Users\Home
    2018-01-14 14:38 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Roaming\Adobe
    2018-01-14 12:54 - 2017-03-19 05:01 - 000000000 ____D C:\Windows\INF
    2018-01-14 12:48 - 2017-07-14 03:37 - 000000000 __SHD C:\Users\Home\IntelGraphicsProfiles
    2018-01-14 12:47 - 2017-07-14 03:19 - 000000000 ____D C:\ProgramData\NVIDIA
    2018-01-14 12:47 - 2017-03-18 20:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
    2018-01-14 12:46 - 2017-03-18 19:40 - 000262144 _____ C:\Windows\system32\config\BBI
    2018-01-14 11:25 - 2017-03-19 05:03 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-01-14 11:25 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\AppReadiness
    2018-01-10 15:50 - 2017-03-19 04:51 - 000000000 ____D C:\Windows\CbsTemp
    2018-01-10 14:13 - 2017-09-07 20:05 - 000000000 ____D C:\ProgramData\Oracle
    2018-01-10 14:10 - 2017-09-07 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2018-01-10 14:10 - 2017-09-07 20:05 - 000000000 ____D C:\Program Files (x86)\Java
    2018-01-10 14:06 - 2017-09-07 20:06 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2018-01-10 12:41 - 2017-07-13 17:33 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-01-10 12:41 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files\IP Address Messenger
    2018-01-10 12:35 - 2017-03-18 20:11 - 001722872 _____ C:\Windows\system32\PerfStringBackup.INI
    2018-01-10 12:14 - 2017-03-19 05:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
    2018-01-09 21:08 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\rescache
    2018-01-09 19:19 - 2017-03-18 20:13 - 000000000 __RHD C:\Users\Public\AccountPictures
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ___SD C:\Windows\system32\F12
    2018-01-09 19:12 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\en-GB
    2018-01-09 18:35 - 2017-07-14 22:54 - 000000000 ____D C:\ProgramData\Skype
    2018-01-09 18:30 - 2017-07-26 18:34 - 000000000 ____D C:\Users\Home\Documents\PlagiarismCheckerX
    2018-01-09 18:04 - 2017-07-14 03:25 - 000000000 ____D C:\Users\Home\AppData\Roaming\Skype
    2018-01-08 08:22 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\NDF
    2018-01-05 09:32 - 2017-07-14 03:37 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
    2018-01-05 09:32 - 2017-07-14 03:20 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2018-01-04 15:25 - 2017-07-14 05:46 - 000000000 ____D C:\Users\Home\AppData\LocalLow\uTorrent
    2018-01-04 15:25 - 2017-07-14 05:45 - 000000000 ____D C:\Users\Home\AppData\Roaming\uTorrent
    2018-01-03 15:50 - 2017-07-14 06:09 - 000007582 _____ C:\Users\Home\AppData\Local\Resmon.ResmonCfg
    2018-01-03 15:31 - 2017-07-29 16:21 - 000000000 ____D C:\Users\Home\AppData\Roaming\TeamViewer
    2018-01-03 14:44 - 2017-08-02 21:52 - 000000000 ____D C:\ProgramData\Apple
    2018-01-03 09:37 - 2017-07-13 18:02 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
    2018-01-03 09:37 - 2017-07-13 18:02 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
    2017-12-31 16:39 - 2017-08-18 12:53 - 000000000 ____D C:\Users\Home\Desktop\movies
    2017-12-31 16:39 - 2017-07-21 13:23 - 000000000 ____D C:\Users\Home\Desktop\[backup] edit pics
    2017-12-31 16:32 - 2017-08-03 17:53 - 000000000 ____D C:\Users\Home\Desktop\resume
    2017-12-31 15:26 - 2017-07-14 03:34 - 000000000 ____D C:\Users\Home\Documents\Dell Downloads
    2017-12-29 15:00 - 2017-07-14 03:30 - 000000000 ____D C:\Users\Home\AppData\Local\Deployment
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\SysWOW64\en-GB
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\oobe
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\system32\appraiser
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\ShellExperiences
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\Provisioning
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2017-12-27 09:07 - 2017-03-19 05:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2017-12-25 08:24 - 2017-07-14 03:38 - 000000000 ____D C:\ProgramData\Package Cache
    2017-12-25 08:24 - 2017-07-14 03:37 - 000000000 ____D C:\Program Files\Intel
    2017-12-24 12:21 - 2017-03-19 05:03 - 000000000 ____D C:\Windows\LiveKernelReports
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
    2017-12-24 09:43 - 2017-07-14 09:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
    2017-12-24 09:20 - 2017-07-13 18:13 - 000000000 ____D C:\Windows\Minidump
    2017-12-24 09:19 - 2017-07-21 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
    2017-12-24 09:10 - 2017-07-29 16:21 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2017-12-24 08:21 - 2017-08-02 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
    2017-12-24 08:21 - 2017-08-02 21:36 - 000000000 ____D C:\Program Files (x86)\Wondershare
    2017-12-24 08:20 - 2017-07-22 16:50 - 000000000 ____D C:\Users\Home\AppData\Roaming\Opera Software
    2017-12-24 08:15 - 2017-03-18 20:13 - 000000000 ____D C:\Users\Home\AppData\Local\ConnectedDevicesPlatform
    2017-12-24 00:41 - 2017-07-14 03:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2017-12-24 00:41 - 2017-07-14 03:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2017-12-24 00:39 - 2017-07-14 03:18 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2017-12-24 00:32 - 2017-07-14 03:34 - 000000000 ____D C:\Windows\system32\RTCOM
    2017-12-24 00:32 - 2017-07-14 03:33 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
    2017-12-24 00:30 - 2017-07-14 03:33 - 000110423 _____ C:\Windows\system32\Drivers\rtkhdasetting.zip
    2017-12-24 00:01 - 2017-07-14 04:05 - 000000000 ____D C:\Windows\system32\MRT
    2017-12-23 23:58 - 2017-10-15 16:39 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
    2017-12-23 23:58 - 2017-07-14 04:04 - 133326408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2017-12-23 23:56 - 2017-07-14 03:36 - 000000000 ____D C:\Intel
    2017-12-21 12:35 - 2017-10-22 17:41 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2017-12-21 12:35 - 2017-10-22 17:41 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-12-19 21:18 - 2017-12-10 19:13 - 000000000 ____D C:\Users\Home\Desktop\mba files
    2017-12-16 08:23 - 2017-07-14 03:17 - 000048442 _____ C:\Windows\system32\nvinfo.pb
    2017-12-16 08:23 - 2017-07-14 03:13 - 004485376 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
    2017-12-16 07:15 - 2017-07-14 03:19 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
    2017-12-16 06:34 - 2017-07-14 03:19 - 005964688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 002589168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 001767408 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000608056 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000450544 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
    2017-12-16 06:34 - 2017-07-14 03:19 - 000082928 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll

    ==================== Files in the root of some directories =======

    2017-12-25 00:59 - 2017-12-25 00:59 - 000000043 _____ () C:\Users\Home\AppData\Roaming\WB.CFG
    2017-07-14 19:46 - 2017-07-14 19:46 - 331479536 _____ () C:\Users\Home\AppData\Local\ACCCx4_1_1_202.zip.aamdownload
    2017-07-14 19:46 - 2017-07-14 19:46 - 000003693 _____ () C:\Users\Home\AppData\Local\ACCCx4_1_1_202.zip.aamdownload.aamd
    2018-01-10 12:16 - 2018-01-10 12:16 - 000140800 _____ () C:\Users\Home\AppData\Local\installer.dat
    2017-07-14 06:09 - 2018-01-03 15:50 - 000007582 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg
    2017-07-25 12:45 - 2017-07-25 12:45 - 000000358 _____ () C:\Users\Home\AppData\Local\winconf.pxt

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-01-14 20:41

    ==================== End of FRST.txt ============================