1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

In Progress Identity Fraud: Security concerns regarding PC

Discussion in 'Virus & Other Malware Removal' started by migolfergirl, May 29, 2019.

Advertisement
  1. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Hello. I have had some identity fraud to deal with this week. According to the banking security/fraud teams I've been working with, my entire SSN is out there. And every bank we do business with was attacked by a group using my personal information.

    A couple of the bank fraud groups asked me to make sure my computer is secure. Shoot! I have no idea how do find that out. Is there anyone that can take a look and see if I have deficiencies? Do I need to run a malware scan?

    I'm sorry... I sound clueless, and I probably am. I'm upset, confused and want to make sure if they are getting information directly via my computer or wifi system that I fix it so that cannot happen. I've got all sorts of stuff set up via the banks and all our accounts are locked down to the extent we can protect them. And the credit reporting companies have been contacted and the accounts are frozen.

    Thank you for any help or advice you might be able to offer. I'm in way over my head. :-/

    Here is the info on my system:

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 10 Pro, 64 bit
    Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz, Intel64 Family 6 Model 60 Stepping 3
    Processor Count: 4
    RAM: 8143 Mb
    Graphics Card: NVIDIA GeForce GT 720, 1024 Mb
    Hard Drives: C: 445 GB (239 GB Free); D: 931 GB (931 GB Free);
    Motherboard: Dell Inc., 0KWVT8
    Antivirus: Windows Defender, Enabled and Updated
     
  2. DaveA

    DaveA Trusted Advisor Spam Fighter

    Joined:
    Nov 16, 1999
    Messages:
    15,908
    First Name:
    David
    How did you get in contact with these " banking security/fraud teams I've been working with"?
     
  3. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Hi! I got a voicemail and emails to please call... That fraud had been detected on my account. I called the main contact number for the bank and got him verified, and then got the call forwarded to him. With our new main account, I called the main phone number and asked to be connected to the fraud department. The fraud people went back to voice recordings and verified to me that they had my full social security number.
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    79,262
    First Name:
    Frank
    Did you call the phone numbers that were given to you in those emails and voice messages, or did you call the actual phone numbers of your banks?

    ---------------------------------------------------------------
     
    Last edited: May 30, 2019
  5. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    The genuine, bonafide, bank numbers.
     
  6. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,952
    Unfortunately, this goes beyond the scope of the assistance we can provide here. We could never guarantee that the system is 100% secure. The only thing I would suggest is to have an expert technician back up anything important and reinstall Windows and then change all passwords. Now that your SSN is out there's not much you can do to prevent its use short of having it cancelled and replaced by another one. Also place fraud watches on all of your accounts, credit cards, etc. as it seems you already have and have the credit score companies watch for suspicious activity as well. I assume you've contacted the police as well as other bodies of authority. See this link for tips on how to handle identity theft:

    https://www.usa.gov/identity-theft#item-208988
     
  7. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Yep. Done and done. The police officer that came to take the police report told me that this type of fraud is rampant.

    Can I move this to the malware side and get my machine checked out? I'm not going to have time to get someone in here to help for awhile....

    Best,
     
  8. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,952
    You can but, as I said, there can be no guarantee that everything will be detected. For the most part, malware can be cleaned but not in every instance. Also, since we're talking about a serious matter here, a reinstall of Windows is always the preferred method.

    However, I will move this to the Virus & Other Malware Removal for a clean up, as requested.
     
  9. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Hi Cookie!

    I have not gotten any help. Could we delete this and let me re-write a beg for someone to take a look and see if they see any evidence of malware, spying, or weaknesses in my system?

    Thank you!

    Deni
     
  10. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    414
    Sorry for the delay.

    Since this is a serious matter my suggestion would be to back up your files and reformat/reinstall Windows.
    As Cookiegal stated, we can't guarantee your computer would be completely, 100% secure and malware free.
     
  11. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Hi G3!

    Thank you! If you could take a look here and if you see anything suspicious, I'd sure appreciate it.

    Thank you so much!

    Deni
     
  12. Cookiegal

    Cookiegal Administrator Malware Specialist Coordinator

    Joined:
    Aug 27, 2003
    Messages:
    112,952
    I think we both gave you the best advice possible in this situation.
     
  13. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Is it possible for someone to take a look? I'd really like to understand what may have happened here. I do not know if my computer is vulnerable, and it's like to know. Even with a search and scrub, I do understand that I may still need to save files and reinstall Windows. Not exactly sure how I would do that. I had Windows 7 and converted to W10 when MS offered. I don't have the W10 program.

    In any event, I'd really like someone to take a peek and just let me know what they see, what my security deficiencies are and how to make sure I'm not vulnerable IF my PC was attacked.
     
  14. iMacg3

    iMacg3 Malware Specialist

    Joined:
    Nov 3, 2018
    Messages:
    414
    Hi,

    Reformatting/reinstalling Windows would be my recommendation, as this is a serious situation and we can't guarantee your computer is completely clear of malware.

    However, if you would like us to take a look, please do this:

    ---------------------------------------------------
    Farbar Recovery Scan Tool (FRST)
    • Download FRST64 to your Desktop. (for 64 bit systems)
    • Double click Frst64.exe to launch it.
    • FRST will start to run.
      • When the tool opens click Yes to the disclaimer.
      • Press the Scan button.
      • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
     
  15. migolfergirl

    migolfergirl Thread Starter

    Joined:
    Oct 17, 2006
    Messages:
    171
    Thank you, G3.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2019 01
    Ran by Deni (administrator) on DESKTOP-BM812G3 (Dell Inc. XPS 8700) (13-06-2019 16:03:44)
    Running from C:\Users\Deni\Downloads
    Loaded Profiles: Deni (Available Profiles: defaultuser0 & Deni)
    Platform: Windows 10 Pro Version 1803 17134.829 (X64) Language: English (United States)
    Default browser: FF
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
    () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
    (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
    (Creative Home) [File not signed] C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe
    (Dell Inc. -> Dell) C:\Users\Deni\AppData\Local\Apps\2.0\GLZ7R0EP.D41\KYEW3RP7.25X\dell..tion_6d0a76327dca4869_0007.000b_df227eeaae3cac0d\DellSystemDetect.exe
    (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\Deni\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxOutlook.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
    (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
    (Microsoft Windows -> ) C:\Windows\System32\Windows.WARP.JITService.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8801024 2016-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-03-24] (Apple Inc. -> Apple Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    HKU\S-1-5-21-2564990741-4111462134-2844926404-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-03-13] (Apple Inc. -> Apple Inc.)
    HKU\S-1-5-21-2564990741-4111462134-2844926404-1001\...\Run: [DellSystemDetect] => C:\Users\Deni\AppData\Local\Apps\2.0\GLZ7R0EP.D41\KYEW3RP7.25X\dell..tion_6d0a76327dca4869_0007.000b_df227eeaae3cac0d\DellSystemDetect.exe [310728 2016-12-17] (Dell Inc. -> Dell)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk [2018-02-06]
    ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2015 Deluxe\Planner\PLNRnote.exe (Creative Home) [File not signed]
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-02-11]
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {02DEB001-ED82-4C91-940D-6B1CE698E389} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {18E1A8EF-E187-48DF-83EC-6CE663BBA50B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
    Task: {2FFCFCD9-F8B8-48E0-A781-D14487433F5F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {32698EBF-3820-4DBC-89CD-1021B2C07AE8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {3DC47BB0-766C-46CB-B0FD-4D2934D3479E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {3E91B812-5501-4E06-8F1A-67571F21E61F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)
    Task: {4FF52304-FA0D-4BA8-9530-D79D3E9C30E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
    Task: {5C4B74FF-09E4-44C1-94DA-84C1F83DF942} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe)
    Task: {890163E5-7CB2-407B-BD14-3AB1388C3EC6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
    Task: {89EAC8A8-D60B-4F6F-B587-E61FD5675BEF} - System32\Tasks\{6D565B26-F750-4334-80DB-29F54DBDB257} => C:\Windows\system32\pcalua.exe -a I:\setup.exe -d I:\
    Task: {96D30448-3ECC-4CE2-BF57-24CA5B0A50EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
    Task: {A035B1EB-E49E-4698-B3A2-541E5A3BDD81} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {BDF5C3DF-7232-4A97-8405-632BA8586DBC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{28f6ecf3-f4bc-4c1b-a73d-b61f7b56ee6b}: [DhcpNameServer] 10.108.38.136 10.232.125.180 10.232.127.175 10.232.125.184 10.232.127.177
    Tcpip\..\Interfaces\{dbfafc93-695d-4622-bbb4-1e61396ec232}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-01-16] (Microsoft Corporation -> Microsoft Corporation)

    FireFox:
    ========
    FF DefaultProfile: a83s0d8i.default-1526436504024
    FF ProfilePath: C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\a83s0d8i.default-1526436504024 [2019-06-13]
    FF Extension: (ETP Search Volume Study) - C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\a83s0d8i.default-1526436504024\Extensions\[email protected] [2019-05-15]
    FF Extension: (Honey) - C:\Users\Deni\AppData\Roaming\Mozilla\Firefox\Profiles\a83s0d8i.default-1526436504024\Extensions\[email protected] [2019-05-15]
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-01-16] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default [2016-11-24]
    CHR Extension: (Google Slides) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-24]
    CHR Extension: (Google Docs) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-24]
    CHR Extension: (Google Drive) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-24]
    CHR Extension: (YouTube) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-24]
    CHR Extension: (Google Sheets) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-24]
    CHR Extension: (Google Docs Offline) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-24]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-24]
    CHR Extension: (Gmail) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-24]
    CHR Extension: (Chrome Media Router) - C:\Users\Deni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-24]
    CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312576 2016-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
    R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 BTHprint; C:\WINDOWS\system32\DRIVERS\bthprint.sys [66048 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
    R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
    R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
    R3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-09-25] (Hewlett-Packard Company -> Microsoft Corporation)
    R1 HWiNFO32; C:\Windows\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-12-14] (Martin Malik - REALiX -> REALiX(tm))
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-12-14] (Realtek Semiconductor Corp. -> Realtek )
    R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-12-14] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
    S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
    S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-06] (Microsoft Windows -> Microsoft Corporation)
    R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-06] (Microsoft Windows -> Microsoft Corporation)
    R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel(R) Software -> Intel Corporation)
    R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-14] (Zemana Ltd. -> Zemana Ltd.)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One month (created) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-13 16:03 - 2019-06-13 16:03 - 002418688 _____ (Farbar) C:\Users\Deni\Downloads\FRST64(2).exe
    2019-06-13 13:02 - 2019-06-13 13:02 - 005623105 _____ C:\Users\Deni\Downloads\Anti-Aging Essentials 2018.pdf
    2019-06-12 22:34 - 2019-06-12 22:34 - 000000000 ___HD C:\OneDriveTemp
    2019-06-12 13:11 - 2019-06-07 04:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2019-06-12 13:11 - 2019-06-07 04:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-06-12 13:11 - 2019-06-07 03:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
    2019-06-12 13:11 - 2019-06-07 03:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
    2019-06-12 13:11 - 2019-06-07 03:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-06-12 13:11 - 2019-06-07 03:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-06-12 13:11 - 2019-06-07 03:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-06-12 13:11 - 2019-06-07 03:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
    2019-06-12 13:11 - 2019-06-07 03:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-06-12 13:11 - 2019-06-07 03:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-06-12 13:11 - 2019-06-07 03:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2019-06-12 13:11 - 2019-06-07 03:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
    2019-06-12 13:11 - 2019-06-07 03:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-06-12 13:11 - 2019-06-07 03:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-06-12 13:11 - 2019-06-07 03:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-06-12 13:11 - 2019-06-07 03:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
    2019-06-12 13:11 - 2019-06-06 23:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
    2019-06-12 13:11 - 2019-06-06 23:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-06-12 13:11 - 2019-06-06 22:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-06-12 13:11 - 2019-06-06 22:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-06-12 13:11 - 2019-06-06 22:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
    2019-06-12 13:11 - 2019-06-06 22:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
    2019-06-12 13:11 - 2019-06-06 22:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-06-12 13:11 - 2019-06-06 22:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2019-06-12 13:11 - 2019-06-06 22:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2019-06-12 13:11 - 2019-06-06 22:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2019-06-12 13:11 - 2019-06-06 22:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
    2019-06-12 13:11 - 2019-06-06 22:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-06-12 13:11 - 2019-06-06 22:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
    2019-06-12 13:11 - 2019-06-06 22:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-06-12 13:11 - 2019-06-06 22:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2019-06-12 13:11 - 2019-06-06 22:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2019-06-12 13:11 - 2019-06-06 22:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2019-06-12 13:11 - 2019-06-06 22:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2019-06-12 13:11 - 2019-06-06 22:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-06-12 13:11 - 2019-06-06 22:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-06-12 13:11 - 2019-06-06 22:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-06-12 13:11 - 2019-06-06 22:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-06-12 13:11 - 2019-06-06 22:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
    2019-06-12 13:11 - 2019-06-06 22:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
    2019-06-12 13:11 - 2019-06-06 22:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
    2019-06-12 13:11 - 2019-06-06 22:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
    2019-06-12 13:11 - 2019-06-06 22:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
    2019-06-12 13:11 - 2019-06-06 22:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-06-12 13:11 - 2019-06-06 22:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
    2019-06-12 13:11 - 2019-06-06 22:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
    2019-06-12 13:11 - 2019-06-06 22:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
    2019-06-12 13:11 - 2019-06-06 22:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-06-12 13:11 - 2019-06-06 22:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-06-12 13:11 - 2019-06-06 22:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-06-12 13:11 - 2019-06-06 22:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
    2019-06-12 13:11 - 2019-06-06 22:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
    2019-06-12 13:11 - 2019-06-06 22:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2019-06-12 13:11 - 2019-06-06 22:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-06-12 13:11 - 2019-06-06 22:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
    2019-06-12 13:11 - 2019-06-06 22:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
    2019-06-12 13:11 - 2019-06-06 22:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-06-12 13:11 - 2019-06-06 22:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-06-12 13:11 - 2019-06-06 22:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-06-12 13:11 - 2019-06-06 22:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-06-12 13:11 - 2019-06-06 22:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
    2019-06-12 13:11 - 2019-06-06 22:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
    2019-06-12 13:11 - 2019-06-06 22:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
    2019-06-12 13:11 - 2019-06-06 22:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-06-12 13:11 - 2019-06-06 22:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-06-12 13:11 - 2019-06-06 22:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-06-12 13:11 - 2019-06-06 22:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-06-12 13:11 - 2019-06-06 22:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
    2019-06-12 13:11 - 2019-06-06 22:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-06-12 13:11 - 2019-06-06 22:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
    2019-06-12 13:11 - 2019-06-06 22:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
    2019-06-12 13:11 - 2019-06-06 22:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-06-12 13:11 - 2019-06-06 22:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
    2019-06-12 13:11 - 2019-06-06 21:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
    2019-06-12 13:11 - 2019-05-18 15:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-06-12 13:11 - 2019-05-18 15:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
    2019-06-12 13:11 - 2019-05-18 15:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
    2019-06-12 13:11 - 2019-05-18 15:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
    2019-06-12 13:11 - 2019-05-17 05:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
    2019-06-12 13:11 - 2019-05-17 05:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
    2019-06-12 13:11 - 2019-05-17 05:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
    2019-06-12 13:11 - 2019-05-17 05:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-06-12 13:11 - 2019-05-17 05:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2019-06-12 13:11 - 2019-05-17 05:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-06-12 13:11 - 2019-05-17 05:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
    2019-06-12 13:11 - 2019-05-17 05:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
    2019-06-12 13:11 - 2019-05-17 05:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
    2019-06-12 13:11 - 2019-05-17 05:23 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
    2019-06-12 13:11 - 2019-05-17 05:23 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
    2019-06-12 13:11 - 2019-05-17 05:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
    2019-06-12 13:11 - 2019-05-17 05:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
    2019-06-12 13:11 - 2019-05-17 05:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
    2019-06-12 13:11 - 2019-05-17 05:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
    2019-06-12 13:11 - 2019-05-17 05:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
    2019-06-12 13:11 - 2019-05-17 05:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
    2019-06-12 13:11 - 2019-05-17 05:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
    2019-06-12 13:11 - 2019-05-17 05:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
    2019-06-12 13:11 - 2019-05-17 05:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
    2019-06-12 13:11 - 2019-05-17 05:20 - 001970688 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
    2019-06-12 13:11 - 2019-05-17 05:20 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
    2019-06-12 13:11 - 2019-05-17 05:20 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
    2019-06-12 13:11 - 2019-05-17 05:20 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
    2019-06-12 13:11 - 2019-05-17 05:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2019-06-12 13:11 - 2019-05-17 05:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
    2019-06-12 13:11 - 2019-05-17 05:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-06-12 13:11 - 2019-05-17 04:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
    2019-06-12 13:11 - 2019-05-17 04:58 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
    2019-06-12 13:11 - 2019-05-17 04:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
    2019-06-12 13:11 - 2019-05-17 04:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
    2019-06-12 13:11 - 2019-05-17 04:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
    2019-06-12 13:11 - 2019-05-17 04:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2019-06-12 13:11 - 2019-05-17 04:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
    2019-06-12 13:11 - 2019-05-17 04:55 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
    2019-06-12 13:11 - 2019-05-17 04:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
    2019-06-12 13:11 - 2019-05-17 04:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
    2019-06-12 13:11 - 2019-05-17 02:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
    2019-06-12 13:11 - 2019-05-17 01:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
    2019-06-12 13:11 - 2019-05-17 00:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
    2019-06-12 13:11 - 2019-05-16 23:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2019-06-12 13:11 - 2019-05-16 23:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
    2019-06-12 13:11 - 2019-05-16 23:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
    2019-06-12 13:11 - 2019-05-16 23:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
    2019-06-12 13:11 - 2019-05-16 23:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
    2019-06-12 13:11 - 2019-05-16 23:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
    2019-06-12 13:11 - 2019-05-16 23:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-06-12 13:11 - 2019-05-16 23:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
    2019-06-12 13:11 - 2019-05-16 23:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-06-12 13:11 - 2019-05-16 23:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
    2019-06-12 13:11 - 2019-05-16 23:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
    2019-06-12 13:11 - 2019-05-16 23:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
    2019-06-12 13:11 - 2019-05-16 23:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
    2019-06-12 13:11 - 2019-05-16 23:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
    2019-06-12 13:11 - 2019-05-16 23:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
    2019-06-12 13:11 - 2019-05-16 23:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2019-06-12 13:11 - 2019-05-16 23:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2019-06-12 13:11 - 2019-05-16 23:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2019-06-12 13:11 - 2019-05-16 23:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
    2019-06-12 13:11 - 2019-05-16 23:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
    2019-06-12 13:11 - 2019-05-16 23:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
    2019-06-12 13:11 - 2019-05-16 23:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
    2019-06-12 13:11 - 2019-05-16 23:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
    2019-06-12 13:11 - 2019-05-16 23:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
    2019-06-12 13:11 - 2019-05-16 23:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
    2019-06-12 13:11 - 2019-05-16 23:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-06-12 13:11 - 2019-05-16 23:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-06-12 13:11 - 2019-05-16 23:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
    2019-06-12 13:11 - 2019-05-16 23:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-06-12 13:11 - 2019-05-16 23:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-06-12 13:11 - 2019-05-16 23:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2019-06-12 13:11 - 2019-05-16 23:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2019-06-12 13:11 - 2019-05-16 23:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-06-12 13:11 - 2019-05-16 23:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-06-12 13:11 - 2019-05-16 23:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
    2019-06-12 13:11 - 2019-05-16 23:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
    2019-06-12 13:11 - 2019-05-16 23:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-06-12 13:11 - 2019-05-16 23:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
    2019-06-12 13:11 - 2019-05-16 23:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-06-12 13:11 - 2019-05-16 23:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
    2019-06-12 13:11 - 2019-05-16 23:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-06-12 13:11 - 2019-05-16 23:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
    2019-06-12 13:11 - 2019-05-16 22:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
    2019-06-12 13:11 - 2019-05-16 22:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
    2019-06-12 13:11 - 2019-05-16 22:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-06-12 13:11 - 2019-05-16 22:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
    2019-06-12 13:11 - 2019-05-16 22:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
    2019-06-12 13:11 - 2019-05-16 22:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
    2019-06-12 13:11 - 2019-05-16 22:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
    2019-06-12 13:11 - 2019-05-16 22:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
    2019-06-12 13:11 - 2019-05-16 22:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
    2019-06-12 13:11 - 2019-05-16 22:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
    2019-06-12 13:11 - 2019-05-16 22:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
    2019-06-12 13:11 - 2019-05-16 22:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-06-12 13:11 - 2019-05-16 22:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-06-12 13:11 - 2019-05-16 22:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
    2019-06-12 13:11 - 2019-05-16 22:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2019-06-12 13:11 - 2019-05-16 22:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2019-06-12 13:11 - 2019-05-16 22:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-06-12 13:11 - 2019-05-16 22:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
    2019-06-12 13:11 - 2019-05-16 22:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
    2019-06-12 13:11 - 2019-05-16 22:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
    2019-06-12 13:11 - 2019-05-16 22:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
    2019-06-12 13:11 - 2019-05-16 22:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2019-06-12 13:11 - 2019-05-16 22:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
    2019-06-12 13:11 - 2019-05-16 22:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-06-12 13:11 - 2019-05-16 22:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2019-06-12 13:11 - 2019-05-16 22:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-06-12 13:11 - 2019-05-16 22:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
    2019-06-12 13:11 - 2019-05-16 22:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
    2019-06-12 13:11 - 2019-05-16 22:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2019-06-12 13:11 - 2019-05-16 22:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
    2019-06-12 13:11 - 2019-05-16 22:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
    2019-06-12 13:11 - 2019-05-16 22:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-06-12 13:11 - 2019-05-16 22:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
    2019-06-12 13:11 - 2019-05-16 22:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
    2019-06-12 13:11 - 2019-05-16 22:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
    2019-06-12 13:11 - 2019-05-16 22:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
    2019-06-06 10:00 - 2019-06-13 11:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2019-05-29 16:12 - 2019-05-29 16:12 - 000748192 _____ (TechGuy, Inc.) C:\Users\Deni\Downloads\SysInfo(3).exe
    2019-05-29 16:09 - 2019-05-29 16:10 - 166190448 _____ (Oracle Corporation) C:\Users\Deni\Downloads\jdk-12.0.1_windows-x64_bin.exe
    2019-05-22 12:54 - 2019-05-22 12:54 - 032414642 _____ C:\Users\Deni\Downloads\IE10-Windows6.1-KB2859903-x64.msu
    2019-05-22 12:51 - 2019-05-22 12:51 - 015701965 _____ C:\Users\Deni\Downloads\IE10-Windows6.1-KB2859903-x86.msu
    2019-05-22 12:49 - 2019-05-22 12:49 - 000689864 _____ (PC Drivers HeadQuarters LP) C:\Users\Deni\Downloads\DriverSupport.exe
    2019-05-15 20:15 - 2019-05-15 20:15 - 001551699 _____ C:\Users\Deni\Documents\Baby Stephanie Koetje.hmk
    2019-05-15 14:46 - 2019-05-03 05:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-05-15 14:46 - 2019-05-03 05:14 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
    2019-05-15 14:46 - 2019-05-03 05:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2019-05-15 14:46 - 2019-05-03 05:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2019-05-15 14:46 - 2019-05-03 04:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2019-05-15 14:46 - 2019-05-03 04:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2019-05-15 14:46 - 2019-05-03 04:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2019-05-15 14:46 - 2019-05-03 04:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-05-15 14:46 - 2019-05-03 04:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2019-05-15 14:46 - 2019-05-03 04:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2019-05-15 14:46 - 2019-05-03 04:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2019-05-15 14:46 - 2019-05-03 04:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-05-15 14:46 - 2019-05-03 04:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2019-05-15 14:46 - 2019-05-03 04:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2019-05-15 14:46 - 2019-05-03 04:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2019-05-15 14:46 - 2019-05-03 04:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2019-05-15 14:46 - 2019-05-03 04:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2019-05-15 14:46 - 2019-05-02 23:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
    2019-05-15 14:46 - 2019-05-02 23:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
    2019-05-15 14:46 - 2019-05-02 23:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
    2019-05-15 14:46 - 2019-05-02 23:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-05-15 14:46 - 2019-05-02 23:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2019-05-15 14:46 - 2019-05-02 23:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2019-05-15 14:46 - 2019-05-02 23:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-05-15 14:46 - 2019-05-02 23:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
    2019-05-15 14:46 - 2019-05-02 23:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-05-15 14:46 - 2019-05-02 23:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
    2019-05-15 14:46 - 2019-05-02 23:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2019-05-15 14:46 - 2019-05-02 23:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2019-05-15 14:46 - 2019-05-02 23:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-05-15 14:46 - 2019-05-02 23:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
    2019-05-15 14:46 - 2019-05-02 23:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-05-15 14:46 - 2019-05-02 23:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
    2019-05-15 14:46 - 2019-05-02 23:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2019-05-15 14:46 - 2019-05-02 23:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2019-05-15 14:46 - 2019-05-02 23:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
    2019-05-15 14:46 - 2019-05-02 23:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
    2019-05-15 14:46 - 2019-05-02 22:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
    2019-05-15 14:46 - 2019-05-02 22:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2019-05-15 14:46 - 2019-05-02 22:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
    2019-05-15 14:46 - 2019-05-02 22:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2019-05-15 14:46 - 2019-05-02 22:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2019-05-15 14:46 - 2019-05-02 22:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
    2019-05-15 14:46 - 2019-05-02 22:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
    2019-05-15 14:46 - 2019-05-02 22:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-05-15 14:46 - 2019-05-02 22:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-05-15 14:46 - 2019-05-02 22:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
    2019-05-15 14:46 - 2019-05-02 22:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
    2019-05-15 14:46 - 2019-05-02 22:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
    2019-05-15 14:46 - 2019-05-02 22:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
    2019-05-15 14:46 - 2019-05-02 22:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
    2019-05-15 14:46 - 2019-04-19 03:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
    2019-05-15 14:46 - 2019-04-19 03:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
    2019-05-15 14:46 - 2019-04-19 03:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
    2019-05-15 14:46 - 2019-04-19 03:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2019-05-15 14:46 - 2019-04-19 03:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
    2019-05-15 14:46 - 2019-04-19 02:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
    2019-05-15 14:46 - 2019-04-19 02:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
    2019-05-15 14:46 - 2019-04-19 02:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-05-15 14:46 - 2019-04-19 02:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
    2019-05-15 14:46 - 2019-04-18 22:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
    2019-05-15 14:46 - 2019-04-18 22:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2019-05-15 14:46 - 2019-04-18 22:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
    2019-05-15 14:46 - 2019-04-18 22:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2019-05-15 14:46 - 2019-04-18 21:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
    2019-05-15 14:46 - 2019-04-18 21:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2019-05-15 14:46 - 2019-04-18 21:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
    2019-05-15 14:46 - 2019-04-18 21:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
    2019-05-15 14:46 - 2019-04-18 21:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
    2019-05-15 14:46 - 2019-04-18 21:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
    2019-05-15 14:46 - 2019-04-18 21:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
    2019-05-15 14:46 - 2019-04-18 21:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
    2019-05-15 14:46 - 2019-04-18 21:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
    2019-05-15 14:46 - 2019-04-18 21:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
    2019-05-15 14:46 - 2019-04-18 21:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
    2019-05-15 14:46 - 2019-04-18 21:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2019-05-15 14:46 - 2019-04-18 21:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2019-05-15 14:46 - 2019-04-18 21:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2019-05-15 14:46 - 2019-04-18 21:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
    2019-05-15 14:46 - 2019-04-18 21:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2019-05-15 14:46 - 2019-04-18 21:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2019-05-15 14:46 - 2019-04-18 21:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
    2019-05-15 14:46 - 2019-04-18 21:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2019-05-15 14:46 - 2019-04-18 21:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
    2019-05-15 14:46 - 2019-04-18 21:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
    2019-05-15 14:46 - 2019-04-18 21:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2019-05-15 14:46 - 2019-04-18 21:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
    2019-05-15 14:46 - 2019-04-18 21:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2019-05-15 14:46 - 2019-04-18 21:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
    2019-05-15 14:46 - 2019-04-18 21:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
    2019-05-15 14:46 - 2019-04-18 21:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-05-15 14:46 - 2019-04-18 21:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
    2019-05-15 14:46 - 2019-04-18 21:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2019-05-15 14:46 - 2019-04-18 21:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
    2019-05-15 14:46 - 2019-04-18 21:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
    2019-05-15 14:46 - 2019-04-18 20:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
    2019-05-15 14:46 - 2019-04-18 20:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
    2019-05-15 14:46 - 2019-04-08 18:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll

    ==================== One month (modified) ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-06-13 16:04 - 2016-11-16 22:23 - 000022231 _____ C:\Users\Deni\Downloads\FRST.txt
    2019-06-13 16:03 - 2016-12-20 16:58 - 000109340 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
    2019-06-13 16:03 - 2016-12-16 10:56 - 000000000 ____D C:\FRST
    2019-06-13 16:03 - 2016-12-15 10:56 - 000000000 ____D C:\Users\Deni\AppData\LocalLow\Mozilla
    2019-06-13 16:01 - 2018-05-17 13:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-06-13 16:01 - 2018-04-11 16:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-06-13 12:55 - 2016-11-16 22:35 - 000000000 ____D C:\Users\Deni\Documents\My Scans
    2019-06-13 11:54 - 2018-04-11 16:36 - 000000000 ____D C:\WINDOWS\INF
    2019-06-12 22:40 - 2018-05-17 16:05 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-06-12 22:34 - 2018-05-17 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-06-12 22:34 - 2018-05-17 13:35 - 000526920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-06-12 22:34 - 2018-04-11 16:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-06-12 22:34 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-06-12 22:34 - 2018-01-10 16:06 - 000000000 ___RD C:\Users\Deni\3D Objects
    2019-06-12 22:34 - 2017-07-29 11:02 - 000000000 ____D C:\ProgramData\NVIDIA
    2019-06-12 22:34 - 2016-12-15 10:53 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2019-06-12 22:34 - 2016-12-15 10:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-06-12 22:34 - 2016-11-16 16:06 - 000000000 ___RD C:\Users\Deni\OneDrive
    2019-06-12 22:34 - 2016-11-16 16:04 - 000000000 __RHD C:\Users\Public\AccountPictures
    2019-06-12 22:33 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\TextInput
    2019-06-12 22:33 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-06-12 22:33 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\Provisioning
    2019-06-12 22:33 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2019-06-12 22:33 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-06-12 22:33 - 2018-04-11 14:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2019-06-12 13:13 - 2018-04-11 16:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-06-12 13:10 - 2016-11-16 16:21 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-06-12 13:09 - 2016-11-16 16:21 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-06-11 09:02 - 2018-05-17 16:07 - 000004586 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
    2019-06-11 09:01 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-06-11 09:01 - 2018-04-11 16:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-06-06 09:50 - 2018-03-08 09:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2019-06-06 09:47 - 2018-05-17 16:07 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2564990741-4111462134-2844926404-1001
    2019-06-06 09:47 - 2018-05-17 13:37 - 000002364 _____ C:\Users\Deni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-05-30 18:57 - 2018-04-11 16:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2019-05-30 18:57 - 2018-04-11 16:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2019-05-22 12:22 - 2018-05-17 13:37 - 000000000 ____D C:\Users\Deni
    2019-05-17 07:05 - 2018-01-22 17:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2019-05-17 07:04 - 2018-11-16 22:31 - 000000000 ____D C:\Program Files\rempl
    2019-05-16 00:04 - 2018-04-11 16:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

    ==================== Files in the root of some directories ================

    2009-10-15 04:20 - 2019-01-10 15:46 - 000006234 _____ () C:\Program Files\HISTORY.BLD
    2008-01-08 03:02 - 2019-01-10 15:46 - 002585872 _____ (Microsoft Corporation) C:\Program Files\INSNTMSI.EXE
    2009-10-16 15:03 - 2019-01-10 15:45 - 000000011 _____ () C:\Program Files\mstrid.txt
    2009-10-15 04:23 - 2019-01-10 15:45 - 000003211 _____ () C:\Program Files\Setup.dcf
    2009-09-24 17:34 - 2019-01-10 15:45 - 004419568 _____ (Sonic Solutions) C:\Program Files\setup.exe

    ==================== FLock ================

    2019-06-12 13:09 C:\System Volume Information
    2016-11-16 16:03 C:\WINDOWS\CSC

    ==================== SigCheck ===============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ============================
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Short URL to this thread: https://techguy.org/1227856

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice