Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by Frazier (administrator) on FRAZIER-PC (28-03-2017 15:33:59) Running from C:\Users\Frazier\Desktop Loaded Profiles: Frazier (Available Profiles: Frazier) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe () C:\Windows\DAODx.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (Akamai Technologies, Inc.) C:\Users\Frazier\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Frazier\AppData\Local\Akamai\netsession_win.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe (Learnpulse) C:\Users\Frazier\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 120 series\Bin\ScanToPCActivationApp.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acsagent.exe ( ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Andy OS, inc.) C:\Program Files\Andy\HandyAndy.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 120 series\Bin\HPNetworkCommunicator.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation) HKLM\...\Run: [] => [X] HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17305208 2016-12-08] (Logitech Inc.) HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [196648 2009-06-03] (ActivIdentity) HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [483880 2009-06-03] (ActivIdentity) HKLM-x32\...\Run: [Six Engine] => C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-03-16] ( ASUSTeK Computer Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation) HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-18] () HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-14] (VIA) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.) HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [1707080 2016-09-13] () HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [cpx] => "C:\Users\Frazier\AppData\Local\ntuserlitelist\cpx\cpx.exe" -starup <===== ATTENTION HKLM-x32\...\Run: [svcvmx] => "C:\Users\Frazier\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup HKLM-x32\...\Run: [TurboV EVO] => C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [9936512 2010-07-15] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-10-31] (Razer Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.) HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.) HKLM-x32\...\Run: [AprvRemoveLegacyWordKeys] => C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe [73728 2010-01-26] (Silanis Technology Inc.) HKLM-x32\...\Run: [AprvRemoveLegacyExcelKeys] => C:\Program Files (x86)\ApproveIt\Support\Tools\AprvClean.exe [73728 2010-01-26] (Silanis Technology Inc.) HKLM-x32\...\Run: [ApproveItForOfficeSetup] => "C:\Program Files (x86)\ApproveIt\Support\Tools\ApproveItForOfficeSetup.exe " /1 /p "C:\Program Files (x86)\ApproveIt\" HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-19] (Adobe Systems Incorporated) Winlogon\Notify\ScCertProp: wlnotify.dll [X] Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Frazier\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Screenpresso] => C:\Users\Frazier\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [12713704 2017-03-28] (Learnpulse) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [HP ENVY 120 series (NET)] => C:\Program Files\HP\HP ENVY 120 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-07-25] (Electronic Arts) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Discord] => C:\Users\Frazier\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Desktop Software] => C:\Program Files (x86)\Common Files\SupportSoft\bin\bcont.exe [1025320 2009-04-24] (SupportSoft, Inc.) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Chromium] => "c:\users\frazier\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [886352 2016-12-23] (Adobe Systems Incorporated) HKU\S-1-5-21-998246979-33875040-2341155288-1000\...\MountPoints2: {cf74c5b9-eb3a-11e1-a3cf-f46d0458f88f} - E:\MotoCastSetup.exe -a HKU\S-1-5-18\...\Run: [] => [X] ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] () ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Frazier\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Frazier\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Frazier\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Frazier\AppData\Local\MEGAsync\ShellExtX32.dll -> No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Frazier\AppData\Local\MEGAsync\ShellExtX32.dll -> No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Frazier\AppData\Local\MEGAsync\ShellExtX32.dll -> No File Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ActivClient Agent.lnk [2012-01-24] ShortcutTarget: ActivClient Agent.lnk -> C:\Program Files\ActivIdentity\ActivClient\acsagent.exe (ActivIdentity) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ApproveIt StartUp.lnk [2013-01-23] ShortcutTarget: ApproveIt StartUp.lnk -> C:\Windows\Installer\{4E01B649-0023-4EB5-9263-57DE317C3418}\Icon9557F1BC1.ico () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2017-02-28] ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe (Andy OS, inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-11-21] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Frazier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-02-26] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) GroupPolicy: Restriction <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{14A63EB4-79B8-4510-8562-3E042B6725F5}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{E8C1E756-827B-46DF-B5E1-5BA8902F6FA3}: [DhcpNameServer] 192.168.88.2 Tcpip\..\Interfaces\{E9FA2B40-CA94-48B7-91D6-046B470AD024}: [DhcpNameServer] 192.168.202.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-998246979-33875040-2341155288-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={0C46780B-8CAE-48D3-8725-F47E29D05F29}&mid=24f4c0ccb83f47cd9f2a252442bc117c-d91a33117d26ccacf10b50501174a0c8b17deb5e&lang=en&ds=oc011&coid=avgtbdisoc&cmpid=0916tb&pr=sa&d=2014-12-17 14:43:54&v=19.6.0.592&pid=safeguard&sg=&sap=dsp&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: PE_IE_Helper Class -> {0941C58F-E461-4E03-BD7D-44C27392ADE1} -> C:\Program Files (x86)\IBM\Lotus Forms\Viewer\3.5\PEhelper.dll [2010-02-01] (IBM Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06] (McAfee, Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-12] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2017-01-31] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-12] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.6.0.592\AVG SafeGuard toolbar_toolbar.dll [2016-09-13] (AVG Secure Search) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.5.0\ViProtocol.dll [2016-09-13] (AVG Secure Search) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: 4ryl1rmp.default-1410116351266 FF ProfilePath: C:\Users\Frazier\AppData\Roaming\Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266 [2017-03-28] FF NewTab: Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266 -> about:newtab FF DefaultSearchEngine: Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266 -> Yahoo! Powered FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266 -> Google FF SelectedSearchEngine: Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266 -> Yahoo! Powered FF Extension: (AVG SafeGuard toolbar) - C:\Users\Frazier\AppData\Roaming\Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266\Extensions\avg@safeguard.xpi [2016-09-13] FF Extension: (YouTube™ Flash® Player) - C:\Users\Frazier\AppData\Roaming\Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-01-10] FF Extension: (Adblock Plus) - C:\Users\Frazier\AppData\Roaming\Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] FF Extension: (Site Deployment Checker) - C:\Users\Frazier\AppData\Roaming\Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266\features\{7da9c52b-9868-4699-9899-c1572c0e3cd2}\deployment-checker@mozilla.org.xpi [2017-03-25] FF SearchPlugin: C:\Users\Frazier\AppData\Roaming\Mozilla\Firefox\Profiles\4ryl1rmp.default-1410116351266\searchplugins\avg-secure-search.xml [2016-09-13] FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-28] [not signed] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-12] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2016-09-13] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] () FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-17] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-20] (Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.5.0\\npsitesafety.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-12] (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [2013-09-06] (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-04-20] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-11] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-11] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\mfc71.dll [2003-03-18] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\msvcr71.dll [2003-02-21] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmfv.dll [2010-02-01] (IBM Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-06-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-06-11] (Apple Inc.) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated) R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] () [File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-24] (EasyAntiCheat Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-12-08] (Logitech Inc.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-25] (Electronic Arts) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] () R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [8061808 2017-01-19] (Reimage®) S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 vToolbarUpdater19.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.5.0\ToolbarUpdater.exe [1277512 2016-09-13] (AVG Secure Search) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [669136 2016-10-27] (Wacom Technology, Corp.) S2 Dataup; C:\Users\Frazier\AppData\Local\NTUSER~1\dataup\dataup.exe [X] <==== ATTENTION S2 windowsmanagementservice; "C:\Users\Frazier\AppData\Local\microlabs\ct.exe" /svc [X] <==== ATTENTION ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40232 2013-05-28] (Google Inc) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] () R0 drmkpro64; C:\Windows\System32\drivers\ndistpr64.sys [76576 2017-03-27] () [File not signed] <==== ATTENTION S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-09-07] () R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-12-08] (Logitech Inc.) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2016-12-08] (Logitech Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-15] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.) R3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-02-16] () [File not signed] R1 vmkbd3; C:\Windows\System32\DRIVERS\vmkbd.sys [52288 2016-11-12] (VMware, Inc.) R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [93248 2016-09-30] (VMware, Inc.) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation) R3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [126624 2016-10-06] (Wacom Technology) U3 al1mjwju; C:\Windows\System32\Drivers\al1mjwju.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder) U0 aswVmm; no ImagePath S1 EIO64; system32\DRIVERS\EIO64.sys [X] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] ========================== Drivers MD5 ======================= C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit C:\Windows\system32\drivers\afd.sys 9A4A1EEE802BF2F878EE8EAB407B21B7 C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49 C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048 C:\Windows\System32\Drivers\wsadb.sys 1C95002CE0AB71D9C81B7DC2D790E4C2 C:\Windows\system32\drivers\appid.sys B84DDCCB03A9CEDC1E90A88EDA5306DB C:\Windows\system32\drivers\arc.sys ==> MD5 is legit C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit C:\Windows\SysWow64\drivers\AsIO.sys F6BDA026E4157DC4E321CA391E9D9BC6 C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AtiPcie.sys 7C5D273E29DCC5505469B299C6F29163 C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\bowser.sys ABA3984C822E4D3F889699912D85D6C5 C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit C:\Windows\System32\CLFS.sys 3D67C27DD17B254D7915FA16A5AE3573 C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit C:\Windows\System32\Drivers\cng.sys A98CED39AD91B445E2E442A9BD67E8B4 C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit C:\Windows\System32\drivers\csc.sys ==> MD5 is legit C:\Windows\System32\Drivers\dfsc.sys 9B38580063D281A99E68EF5813022A5F C:\Windows\System32\DRIVERS\ssudbus.sys 73BDD44A6088916964945886F9025409 C:\Windows\System32\drivers\discache.sys ==> MD5 is legit C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415 C:\Windows\system32\drivers\drmkaud.sys 26FE888505E5A945B0536AF9A2A27A6F C:\Windows\System32\drivers\ndistpr64.sys D41D8CD98F00B204E9800998ECF8427E C:\Windows\System32\drivers\dxgkrnl.sys 3A9D7D464BDB3B70D7ECF689ADABBD4D C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\fssfltr.sys 07DA62C960DDCCC2D35836AEAB4FC578 C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0 C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\GEARAspiWDM.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hcmon.sys B23BDC42F7F8EB7A37587FA029B81ADE C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\hidkmdf.sys 4CEAF239773ED24D234E088C8A0796E5 C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit C:\Windows\system32\drivers\hitmanpro37.sys FCE2251FE4464DCAA2F4684F19A8EE9B C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57 C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366 C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit C:\Windows\system32\drivers\intelppm.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6 C:\Windows\System32\DRIVERS\jraid.sys 4A8A242FDA43765F4F73ECDE2BA0D62A C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit C:\Windows\System32\Drivers\ksecdd.sys 3AAA10BAF3F194F7CD34F4C78F8222EE C:\Windows\System32\Drivers\ksecpkg.sys 7B7C28D4E71E4A4365F2B7528DA619F8 C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit C:\Windows\System32\drivers\LGBusEnum.sys A6F294B38F3DFB67D6B6E1D1E60A402A C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 2D7F1C02B94D6F0F3E10107E5EA8E141 C:\Windows\System32\drivers\LGJoyXlCore.sys 2A9F60E6531F42B31874618743037719 C:\Windows\System32\DRIVERS\LGSHidFilt.Sys 94AF1384A67B9FCF5651E70BC9D4C526 C:\Windows\System32\drivers\LGVirHid.sys FA59A7421049F5852C1182345A4B8C4F C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit C:\Windows\System32\drivers\modem.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit C:\Windows\System32\drivers\mountmgr.sys 8ADB5445B29941CB41AF2846FD5C93C7 C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit C:\Windows\system32\drivers\mrxdav.sys 98DB1790F0A584E0A2528B92B052417F C:\Windows\System32\DRIVERS\mrxsmb.sys 819426D736BCBD31CC7CA27221954E04 C:\Windows\System32\DRIVERS\mrxsmb10.sys 85CB449B319AF69A3538BB1B97EEA2E5 C:\Windows\System32\DRIVERS\mrxsmb20.sys C0B2DC34587FE163997055AA38EB883A C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\MTConfig.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ASACPI.sys 19B006B181E3875FD254F7B67ACF1E7C C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0 C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\netbt.sys E47D571FEC2C76E867935109AB2A770C C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit C:\Windows\System32\Drivers\Ntfs.sys 47B2D0B31BDC3EBE6090228E2BA3764D C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\nusb3hub.sys 158AD24745BD85BA9BE3C51C38F48C32 C:\Windows\System32\DRIVERS\nusb3xhc.sys D40A13B2C0891E218F9523B376955DB6 C:\Windows\System32\drivers\nvhda64v.sys 67B51A97733B10D716B366C2ED126763 C:\Windows\System32\DRIVERS\nvlddmkm.sys 417660347EF07FF511284E668C9E2CB6 C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys F82BCEB9F57B2959F6AAE2A3DDA892A8 C:\Windows\System32\drivers\nvvad64v.sys F37FE6B15A987AEEC08EEF531F2FAED7 C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit C:\Windows\system32\drivers\parport.sys ==> MD5 is legit C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C C:\Windows\System32\drivers\pci.sys ==> MD5 is legit C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit C:\Windows\System32\drivers\peauth.sys EA4D67448BE493D543F1730D6CD04694 C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit C:\Windows\system32\drivers\processr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34 C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41 C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit C:\Windows\system32\drivers\regi.sys 84C83C7577407C4FF6AB1379EE944610 C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0 C:\Windows\System32\DRIVERS\rzendpt.sys 5709A79EC6011BF109C7167DDC6EC603 C:\Windows\system32\drivers\rzpmgrk.sys 30A186D6A2A2853EEFAD7011E212E41B C:\Windows\system32\drivers\rzpnk.sys B4598C05D5440250633E25933FFF42B0 C:\Windows\System32\DRIVERS\rzudd.sys E7E36EA112048AC5AC8AA15B6EC35109 C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\S3XXx64.sys A53AD7D8005429E1E446A401F2BCA681 C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E C:\Windows\System32\DRIVERS\srv.sys EB15C46477EB84B6B520871ED5936CCF C:\Windows\System32\DRIVERS\srv2.sys 7F4FDC9528BCE6FB919615B6A77D5724 C:\Windows\System32\DRIVERS\srvnet.sys 3F20CD2A11872284BD667DAD6D4801CC C:\Windows\System32\DRIVERS\ssudmdm.sys 5252D7BC56E5E0ED715AEA8FE173A455 C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit C:\Windows\system32\drivers\serscan.sys DECACB6921DED1A38642642685D77DAC C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit C:\Windows\System32\drivers\tcpip.sys B2875D7ABB82867DC3AA03D991940201 C:\Windows\System32\DRIVERS\tcpip.sys B2875D7ABB82867DC3AA03D991940201 C:\Windows\System32\drivers\tcpipreg.sys 7FE5586314EE7D6AA8483264A089E5AF C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8 C:\Windows\System32\DRIVERS\tdx.sys AA77EB517D2F07A947294F260E3ACA83 C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\tssecsrv.sys 19BEDA57F3E0A06B8D5EB6D619BD5624 C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426 C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07 C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit C:\Windows\System32\Drivers\usbaapl64.sys FB251567F41BC61988B26731DEC19E4B C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2 C:\Windows\System32\DRIVERS\usbccgp.sys 28B81917A195B67617AF7DCF4DFE5736 C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31 C:\Windows\system32\drivers\usbehci.sys B626F048318DAE65A3317F0592BE592C C:\Windows\System32\DRIVERS\usbfilter.sys 2C780746DC44A28FE67004DC58173F05 C:\Windows\system32\drivers\usbhub.sys 390109E8E05BA00375DCB1ED64DC60AF C:\Windows\system32\drivers\usbohci.sys B4DF0F4C1D9D25DFE1DAD1D8670F1D4F C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24 C:\Windows\System32\DRIVERS\USBSTOR.SYS D029DD09E22EB24318A8FC3D8138BA43 C:\Windows\system32\drivers\usbuhci.sys CFEAAF96E666E3DCBD8F6DFF516784AE C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29 C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit C:\Windows\System32\drivers\vga.sys ==> MD5 is legit C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit C:\Windows\System32\drivers\viahduaa.sys DFDF7F9CAA50EE72A633EA4BBD65A557 C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vmci.sys 207BD7BE759F658351A8AD1EAF62CED0 C:\Windows\System32\DRIVERS\vmkbd.sys 57F53D802486F346BF0110F56B4B07D1 C:\Windows\System32\DRIVERS\vmnetadapter.sys 1CA7A1295E0DF2DB74EA2005FF1B47D1 C:\Windows\System32\DRIVERS\vmnetbridge.sys 069261D445C6B037DE3FD0773547E91E C:\Windows\System32\DRIVERS\vmnetuserif.sys C4A2FC7244D181C2DB9D26EDF029D5DC C:\Windows\System32\DRIVERS\vmx86.sys 145C7940CE014E0D77911652CC4984CC C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\vsock.sys F549FF59B775552C6DDDB8C7542084A1 C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wachidrouter.sys 1E11743FAB9E493925A66EE5F4F6E384 C:\Windows\System32\DRIVERS\wachidrouter.sys 1E11743FAB9E493925A66EE5F4F6E384 C:\Windows\System32\DRIVERS\wacomrouterfilter.sys E0185BE811F34FE0A2AA909A851F3440 C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit C:\Windows\system32\drivers\wd.sys ==> MD5 is legit C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8 C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 C:\Windows\System32\Drivers\al1mjwju.sys ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-28 15:33 - 2017-03-28 15:35 - 00056082 _____ C:\Users\Frazier\Desktop\FRST.txt 2017-03-28 15:33 - 2017-03-28 15:33 - 02424832 _____ (Farbar) C:\Users\Frazier\Desktop\FRST64.exe 2017-03-28 15:33 - 2017-03-28 15:33 - 00000000 ____D C:\FRST 2017-03-28 15:31 - 2017-03-28 15:31 - 00784152 _____ (McAfee, Inc.) C:\Users\Frazier\Downloads\rootkitremover.exe 2017-03-28 15:29 - 2017-03-28 15:29 - 00000000 ____D C:\Users\Frazier\AppData\Local\{2D2FFF27-3F3E-42DF-9D3E-2FB672BBB6D3} 2017-03-28 15:25 - 2017-03-28 15:25 - 00355440 _____ C:\Windows\Minidump\032817-22916-01.dmp 2017-03-28 15:23 - 2017-03-28 15:24 - 00364992 _____ C:\Windows\Minidump\032817-21465-01.dmp 2017-03-28 15:21 - 2017-03-28 15:21 - 00000384 _____ C:\DelFix.txt 2017-03-28 15:20 - 2017-03-28 15:20 - 00615376 _____ (Malwarebytes) C:\Users\Frazier\Downloads\mb-clean-2.4.1.1007.exe 2017-03-28 15:18 - 2017-03-28 15:18 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Frazier\Downloads\mbar-1.09.3.1001.exe 2017-03-28 15:02 - 2017-03-28 15:02 - 00003446 _____ C:\Windows\System32\Tasks\Reimage Reminder 2017-03-28 15:01 - 2017-03-28 15:29 - 00001983 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk 2017-03-28 15:01 - 2017-03-28 15:02 - 00000000 ____D C:\rei 2017-03-28 15:01 - 2017-03-28 15:01 - 00004282 _____ C:\Windows\System32\Tasks\ReimageUpdater 2017-03-28 15:01 - 2017-03-28 15:01 - 00000000 ____D C:\ProgramData\Reimage Protector 2017-03-28 15:01 - 2017-03-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair 2017-03-28 15:01 - 2017-03-28 15:01 - 00000000 ____D C:\Program Files\Reimage 2017-03-28 15:00 - 2017-03-28 15:02 - 00000150 _____ C:\Windows\Reimage.ini 2017-03-28 15:00 - 2017-03-28 15:00 - 00604928 _____ (Reimage) C:\Users\Frazier\Downloads\ReimageRepair(1).exe 2017-03-28 14:59 - 2017-03-28 14:59 - 00605088 _____ (Reimage) C:\Users\Frazier\Downloads\ReimageRepair.exe 2017-03-28 14:57 - 2017-03-28 14:57 - 00000000 ____D C:\Users\Frazier\AppData\Local\{DC1F6EEA-8CE6-41F8-A234-20A2656541CD} 2017-03-28 14:53 - 2017-03-28 14:53 - 00354800 _____ C:\Windows\Minidump\032817-20763-01.dmp 2017-03-28 14:51 - 2017-03-28 14:51 - 00362560 _____ C:\Windows\Minidump\032817-21824-01.dmp 2017-03-28 14:37 - 2017-03-28 14:37 - 05765792 _____ (Zemana Ltd. ) C:\Users\Frazier\Desktop\Zemana.AntiMalware.Setup.exe 2017-03-28 14:31 - 2017-03-28 14:31 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Frazier\Desktop\internet.exe.exe 2017-03-28 14:06 - 2017-03-28 15:35 - 00000000 ___HD C:\Users\Public\Documents\AdobeGC 2017-03-28 11:52 - 2017-03-28 14:17 - 00000000 ____D C:\Avenger 2017-03-27 10:46 - 2017-03-27 12:22 - 00000000 ____D C:\Users\Frazier\AppData\Local\llssoft 2017-03-27 10:43 - 2017-03-28 11:48 - 00000000 ____D C:\ProgramData\Microleaves 2017-03-27 10:41 - 2017-03-28 14:03 - 00000000 ____D C:\Users\Frazier\AppData\Local\microlabs 2017-03-27 10:41 - 2017-03-28 11:52 - 00000000 ____D C:\Program Files (x86)\Microleaves 2017-03-27 10:40 - 2017-03-28 11:52 - 00000000 ____D C:\Users\Frazier\AppData\Local\ntuserlitelist 2017-03-27 10:40 - 2017-03-27 10:41 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\Microleaves 2017-03-27 10:40 - 2017-03-27 10:41 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics 2017-03-27 10:40 - 2017-03-27 10:41 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics 2017-03-27 10:40 - 2017-03-27 10:40 - 00833024 ____N C:\Windows\system32\tprdpw32.exe 2017-03-27 10:40 - 2017-03-27 10:40 - 00076576 ____N C:\Windows\system32\Drivers\ndistpr64.sys 2017-03-27 10:40 - 2017-03-27 10:40 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\c 2017-03-15 02:44 - 2017-03-04 13:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-03-15 02:44 - 2017-03-04 12:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-03-15 02:44 - 2017-03-04 04:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-03-15 02:44 - 2017-03-04 04:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-03-15 02:44 - 2017-03-04 04:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-03-15 02:44 - 2017-03-04 03:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-03-15 02:44 - 2017-03-04 03:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-03-15 02:44 - 2017-03-04 03:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-03-15 02:44 - 2017-03-04 03:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-03-15 02:44 - 2017-03-04 03:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-03-15 02:44 - 2017-03-04 03:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-03-15 02:44 - 2017-03-04 03:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-03-15 02:44 - 2017-03-04 03:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-03-15 02:44 - 2017-03-04 02:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-03-15 02:44 - 2017-03-04 02:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-03-15 02:44 - 2017-03-04 02:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-03-15 02:44 - 2017-03-04 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-03-15 02:44 - 2017-03-04 00:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-03-15 02:44 - 2017-03-02 14:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-03-15 02:44 - 2017-03-02 14:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-03-15 02:44 - 2017-03-02 14:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-03-15 02:44 - 2017-03-02 13:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-03-15 02:44 - 2017-03-02 13:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-03-15 02:44 - 2017-03-02 13:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-03-15 02:44 - 2017-03-02 13:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-03-15 02:44 - 2017-03-02 13:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-03-15 02:44 - 2017-03-02 13:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-03-15 02:44 - 2017-03-02 13:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-03-15 02:44 - 2017-03-02 13:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-03-15 02:44 - 2017-03-02 13:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-03-15 02:44 - 2017-03-02 13:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-03-15 02:44 - 2017-03-02 13:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-03-15 02:44 - 2017-03-02 13:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-03-15 02:44 - 2017-03-02 13:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-03-15 02:44 - 2017-03-02 13:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-03-15 02:44 - 2017-03-02 13:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-03-15 02:44 - 2017-03-02 13:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-03-15 02:44 - 2017-03-02 12:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-03-15 02:44 - 2017-03-02 12:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-03-15 02:43 - 2017-03-04 04:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-03-15 02:43 - 2017-03-04 04:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-03-15 02:43 - 2017-03-04 04:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-03-15 02:43 - 2017-03-04 04:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-03-15 02:43 - 2017-03-04 03:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-03-15 02:43 - 2017-03-04 03:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-03-15 02:43 - 2017-03-04 03:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-03-15 02:43 - 2017-03-04 03:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-03-15 02:43 - 2017-03-04 03:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-03-15 02:43 - 2017-03-04 03:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-03-15 02:43 - 2017-03-04 03:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-03-15 02:43 - 2017-03-04 03:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-03-15 02:43 - 2017-03-04 03:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-03-15 02:43 - 2017-03-04 03:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-03-15 02:43 - 2017-03-04 02:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-03-15 02:43 - 2017-03-04 02:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-03-15 02:43 - 2017-03-04 02:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-03-15 02:43 - 2017-03-04 02:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-03-15 02:43 - 2017-03-04 02:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-03-15 02:43 - 2017-03-02 14:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-03-15 02:43 - 2017-03-02 14:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-03-15 02:43 - 2017-03-02 14:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-03-15 02:43 - 2017-03-02 13:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-03-15 02:43 - 2017-03-02 13:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-03-15 02:43 - 2017-03-02 13:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-03-15 02:43 - 2017-03-02 13:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-03-15 02:43 - 2017-03-02 12:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-03-15 02:43 - 2017-02-22 19:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-03-15 02:43 - 2017-02-22 19:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-03-15 02:43 - 2017-02-18 10:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-03-15 02:43 - 2017-02-18 10:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-03-15 02:43 - 2017-02-11 11:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-03-15 02:43 - 2017-02-11 11:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-03-15 02:43 - 2017-02-11 11:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2017-03-15 02:43 - 2017-02-10 12:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2017-03-15 02:43 - 2017-02-10 12:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-03-15 02:43 - 2017-02-10 12:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2017-03-15 02:43 - 2017-02-10 12:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-03-15 02:43 - 2017-02-10 10:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2017-03-15 02:43 - 2017-02-09 12:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-03-15 02:43 - 2017-02-09 12:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-03-15 02:43 - 2017-02-09 12:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-03-15 02:43 - 2017-02-09 12:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-03-15 02:43 - 2017-02-09 12:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-03-15 02:43 - 2017-02-09 12:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-03-15 02:43 - 2017-02-09 12:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-03-15 02:43 - 2017-02-09 12:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-03-15 02:43 - 2017-02-09 12:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 12:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-03-15 02:43 - 2017-02-09 12:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-03-15 02:43 - 2017-02-09 12:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-03-15 02:43 - 2017-02-09 12:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-03-15 02:43 - 2017-02-09 12:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-03-15 02:43 - 2017-02-09 11:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-03-15 02:43 - 2017-02-09 11:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-03-15 02:43 - 2017-02-09 11:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-03-15 02:43 - 2017-02-09 11:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-03-15 02:43 - 2017-02-09 11:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-03-15 02:43 - 2017-02-09 11:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-03-15 02:43 - 2017-02-09 11:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-03-15 02:43 - 2017-02-09 11:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-03-15 02:43 - 2017-02-09 11:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll 2017-03-15 02:43 - 2017-02-09 11:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-03-15 02:43 - 2017-02-09 11:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-03-15 02:43 - 2017-02-09 11:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-03-15 02:43 - 2017-02-09 11:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-03-15 02:43 - 2017-02-09 11:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-03-15 02:43 - 2017-02-09 11:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 11:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 11:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 11:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-03-15 02:43 - 2017-02-09 10:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2017-03-15 02:43 - 2017-02-09 10:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2017-03-15 02:43 - 2017-02-06 12:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe 2017-03-15 02:43 - 2017-01-13 14:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2017-03-15 02:43 - 2017-01-13 14:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2017-03-15 02:43 - 2017-01-13 13:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2017-03-15 02:43 - 2017-01-13 13:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2017-03-15 02:43 - 2017-01-11 14:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2017-03-15 02:43 - 2017-01-11 14:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2017-03-15 02:43 - 2017-01-11 13:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2017-03-15 02:43 - 2017-01-11 13:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2017-03-15 02:43 - 2017-01-06 14:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2017-03-15 02:43 - 2017-01-06 13:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2017-03-15 02:43 - 2016-12-31 11:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-03-15 02:43 - 2016-12-31 11:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-03-15 02:43 - 2016-12-31 11:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-03-15 02:43 - 2016-12-31 11:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-03-15 02:43 - 2016-12-31 11:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-03-14 10:04 - 2017-03-14 10:04 - 00065194 _____ C:\Users\Frazier\Desktop\Updated Temp Tech APP.pdf 2017-03-05 11:58 - 2017-03-05 11:58 - 00000000 _____ C:\Users\Frazier\Desktop\KoA.txt 2017-03-03 13:10 - 2017-03-03 13:10 - 00000908 _____ C:\Users\Public\Desktop\Overwatch Test.lnk 2017-03-03 13:10 - 2017-03-03 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch Test 2017-03-03 12:54 - 2017-03-25 19:18 - 00000000 ____D C:\Program Files (x86)\Overwatch Test 2017-02-28 17:29 - 2017-03-28 11:32 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\VMware 2017-02-28 17:29 - 2017-02-28 17:29 - 00001449 _____ C:\Users\Public\Desktop\Start Andy.lnk 2017-02-28 17:29 - 2017-02-28 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy 2017-02-28 17:27 - 2016-11-12 00:22 - 00400968 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe 2017-02-28 17:27 - 2016-11-12 00:22 - 00366664 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe 2017-02-28 17:27 - 2016-11-12 00:21 - 01148488 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll 2017-02-28 17:27 - 2016-11-12 00:16 - 00088128 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys 2017-02-28 17:27 - 2016-11-12 00:16 - 00052288 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmkbd.sys 2017-02-28 17:27 - 2016-11-12 00:05 - 00066624 _____ (VMware, Inc.) C:\Windows\system32\vnetinst.dll 2017-02-28 17:27 - 2016-11-12 00:05 - 00045632 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnet.sys 2017-02-28 17:27 - 2016-11-12 00:05 - 00044096 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys 2017-02-28 17:27 - 2016-09-30 02:11 - 00093248 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys 2017-02-28 17:27 - 2016-09-30 02:11 - 00069104 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll 2017-02-28 17:27 - 2016-09-30 02:11 - 00065008 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll 2017-02-28 17:27 - 2016-09-06 19:48 - 00083008 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys 2017-02-28 17:26 - 2017-03-28 15:26 - 00000000 ____D C:\ProgramData\VMware 2017-02-28 17:26 - 2017-02-28 17:28 - 00000000 ____D C:\Program Files (x86)\VMware 2017-02-28 17:26 - 2017-02-28 17:26 - 00000000 ____D C:\Program Files\Common Files\VMware 2017-02-28 17:21 - 2017-03-26 11:01 - 00000000 ____D C:\Users\Frazier\Andy 2017-02-28 17:20 - 2017-03-28 11:48 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\Andy 2017-02-28 17:20 - 2017-02-28 17:21 - 00000000 ____D C:\Program Files\Andy 2017-02-22 16:45 - 2017-02-22 16:45 - 00055650 _____ C:\Users\Frazier\Desktop\TempTech2017.pdf 2017-02-17 00:30 - 2017-02-17 00:30 - 75135314 _____ C:\Users\Frazier\Desktop\house floor plan.psd 2017-02-14 17:34 - 2017-02-14 17:34 - 01043975 _____ C:\Users\Frazier\Documents\Amherst Application.pdf 2017-02-14 17:34 - 2017-02-14 17:34 - 00517412 _____ C:\Users\Frazier\Desktop\Amherst Application.pdf 2017-02-14 15:49 - 2017-02-14 15:49 - 00040937 _____ C:\Users\Frazier\Desktop\UES - TWIC® Pre-Enroll.pdf 2017-02-10 04:14 - 2017-02-10 04:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-01-28 13:56 - 2017-01-28 13:56 - 00000000 ____D C:\Users\Frazier\Downloads\VL200L1W2Z_mul_100701 2017-01-28 13:55 - 2017-01-28 13:55 - 15431475 _____ C:\Users\Frazier\Downloads\VL200L1W2Z_mul_100701.rar 2017-01-16 00:29 - 2017-01-16 00:29 - 00010008 _____ C:\Users\Frazier\Downloads\Packing List.xlsx 2017-01-10 11:21 - 2017-03-25 19:25 - 00000000 ____D C:\Program Files (x86)\Overwatch 2017-01-02 13:12 - 2017-01-02 13:12 - 00475656 _____ C:\Windows\Minidump\010217-25615-01.dmp 2017-01-01 21:30 - 2017-01-01 21:30 - 00000000 ____D C:\Users\Frazier\AppData\Local\Chromium 2017-01-01 05:45 - 2017-03-28 14:57 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\discord 2017-01-01 05:45 - 2017-01-11 20:50 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-01-01 05:44 - 2017-01-11 20:50 - 00000000 ____D C:\Users\Frazier\AppData\Local\Discord 2017-01-01 05:44 - 2017-01-01 05:45 - 00000000 ____D C:\Users\Frazier\AppData\Local\SquirrelTemp 2017-01-01 05:44 - 2017-01-01 05:44 - 50343608 _____ (Hammer & Chisel, Inc.) C:\Users\Frazier\Downloads\DiscordSetup.exe 2017-01-01 03:13 - 2017-01-01 03:13 - 00000000 ____D C:\Users\Frazier\AppData\LocalLow\Unity 2017-01-01 03:12 - 2017-01-01 03:12 - 00000000 ____D C:\Users\Frazier\AppData\LocalLow\Fishing Planet LLC 2017-01-01 03:12 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2017-01-01 03:12 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2017-01-01 03:12 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2017-01-01 03:12 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2017-01-01 03:12 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2017-01-01 03:12 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2017-01-01 03:12 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2017-01-01 03:12 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2017-01-01 03:12 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2017-01-01 03:12 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2017-01-01 03:12 - 2009-09-04 18:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2017-01-01 03:12 - 2009-09-04 18:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2017-01-01 03:12 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2017-01-01 03:12 - 2009-09-04 18:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2017-01-01 03:12 - 2009-09-04 18:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2017-01-01 03:12 - 2009-09-04 18:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll 2017-01-01 03:12 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll 2017-01-01 03:12 - 2009-03-16 15:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll 2017-01-01 03:12 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll 2017-01-01 03:12 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll 2017-01-01 03:12 - 2009-03-16 15:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll 2017-01-01 03:12 - 2009-03-16 15:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll 2017-01-01 03:12 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll 2017-01-01 03:12 - 2009-03-09 16:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll 2017-01-01 03:12 - 2009-03-09 16:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll 2017-01-01 03:12 - 2009-03-09 16:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll 2017-01-01 03:12 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll 2017-01-01 03:12 - 2008-10-15 07:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2017-01-01 03:12 - 2008-10-15 07:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2017-01-01 03:12 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2017-01-01 03:12 - 2008-10-15 07:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2017-01-01 03:12 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2017-01-01 03:12 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll 2017-01-01 03:12 - 2008-07-31 11:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll 2017-01-01 03:12 - 2008-07-31 11:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll 2017-01-01 03:12 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll 2017-01-01 03:12 - 2008-07-31 11:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll 2017-01-01 03:12 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll 2017-01-01 03:12 - 2008-07-10 12:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2017-01-01 03:12 - 2008-07-10 12:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll 2017-01-01 03:12 - 2008-07-10 12:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll 2017-01-01 03:12 - 2008-07-10 12:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2017-01-01 03:12 - 2008-07-10 12:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll 2017-01-01 03:12 - 2008-05-30 15:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll 2017-01-01 03:12 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll 2017-01-01 03:12 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll 2017-01-01 03:12 - 2008-05-30 15:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll 2017-01-01 03:12 - 2008-05-30 15:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll 2017-01-01 03:12 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll 2017-01-01 03:12 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll 2017-01-01 03:12 - 2008-05-30 15:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll 2017-01-01 03:12 - 2008-05-30 15:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll 2017-01-01 03:12 - 2008-05-30 15:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll 2017-01-01 03:12 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll 2017-01-01 03:12 - 2008-05-30 15:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll 2017-01-01 03:12 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll 2017-01-01 03:12 - 2008-03-05 17:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll 2017-01-01 03:12 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll 2017-01-01 03:12 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll 2017-01-01 03:12 - 2008-03-05 17:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll 2017-01-01 03:12 - 2008-03-05 17:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll 2017-01-01 03:12 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll 2017-01-01 03:12 - 2008-03-05 16:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll 2017-01-01 03:12 - 2008-03-05 16:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll 2017-01-01 03:12 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll 2017-01-01 03:12 - 2008-02-06 00:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll 2017-01-01 03:12 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll 2017-01-01 03:12 - 2007-10-22 04:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll 2017-01-01 03:12 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll 2017-01-01 03:12 - 2007-10-22 04:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll 2017-01-01 03:12 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll 2017-01-01 03:12 - 2007-10-12 16:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll 2017-01-01 03:12 - 2007-10-12 16:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll 2017-01-01 03:12 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll 2017-01-01 03:12 - 2007-10-02 10:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll 2017-01-01 03:12 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll 2017-01-01 03:12 - 2007-07-20 01:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll 2017-01-01 03:12 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll 2017-01-01 03:12 - 2007-07-19 19:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll 2017-01-01 03:12 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll 2017-01-01 03:12 - 2007-07-19 19:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll 2017-01-01 03:12 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll 2017-01-01 03:12 - 2007-06-20 21:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll 2017-01-01 03:12 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll 2017-01-01 03:12 - 2007-05-16 17:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll 2017-01-01 03:12 - 2007-05-16 17:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll 2017-01-01 03:12 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll 2017-01-01 03:12 - 2007-05-16 17:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll 2017-01-01 03:12 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll 2017-01-01 03:12 - 2007-04-04 19:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll 2017-01-01 03:12 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll 2017-01-01 03:12 - 2007-04-04 19:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll 2017-01-01 03:12 - 2007-03-15 17:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll 2017-01-01 03:12 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll 2017-01-01 03:12 - 2007-03-12 17:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll 2017-01-01 03:12 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll 2017-01-01 03:11 - 2007-03-12 17:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll 2017-01-01 03:11 - 2007-03-05 13:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll 2017-01-01 03:11 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll 2017-01-01 03:11 - 2007-01-24 16:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll 2017-01-01 03:11 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll 2017-01-01 03:11 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll 2017-01-01 03:11 - 2006-12-08 13:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll 2017-01-01 03:11 - 2006-11-29 14:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2017-01-01 03:11 - 2006-11-29 14:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll 2017-01-01 03:11 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll 2017-01-01 03:11 - 2006-09-28 17:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll 2017-01-01 03:11 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll 2017-01-01 03:11 - 2006-09-28 17:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll 2017-01-01 03:11 - 2006-07-28 10:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll 2017-01-01 03:11 - 2006-07-28 10:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll 2017-01-01 03:11 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll 2017-01-01 03:11 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll 2017-01-01 03:11 - 2006-05-31 08:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll 2017-01-01 03:11 - 2006-03-31 13:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll 2017-01-01 03:11 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll 2017-01-01 03:11 - 2006-03-31 13:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll 2017-01-01 03:11 - 2006-02-03 09:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2017-01-01 03:11 - 2006-02-03 09:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll 2017-01-01 03:11 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2017-01-01 03:11 - 2006-02-03 09:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll 2017-01-01 03:11 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2017-01-01 03:11 - 2005-12-05 19:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2017-01-01 03:11 - 2005-07-22 20:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2017-01-01 03:11 - 2005-05-26 16:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2017-01-01 03:11 - 2005-03-18 18:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2017-01-01 03:11 - 2005-02-05 20:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2017-01-01 01:36 - 2017-01-01 01:36 - 00000000 ____D C:\Users\Frazier\AppData\Roaming\com.freakinware.wormis ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-28 15:31 - 2015-07-13 15:09 - 00000000 ___RD C:\Users\Frazier\Creative Cloud Files 2017-03-28 15:31 - 2011-11-16 13:37 - 00000000 ____D C:\Users\Frazier\AppData\Local\Adobe 2017-03-28 15:30 - 2016-11-19 11:17 - 00000000 ____D C:\Users\Frazier\AppData\LocalLow\Mozilla 2017-03-28 15:29 - 2011-11-28 18:53 - 00000000 ____D C:\Users\Frazier\Tracing 2017-03-28 15:26 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-28 15:25 - 2013-09-12 14:18 - 582762452 _____ C:\Windows\MEMORY.DMP 2017-03-28 15:25 - 2013-09-12 14:18 - 00000000 ____D C:\Windows\Minidump 2017-03-28 15:25 - 2011-11-15 12:44 - 00000000 ____D C:\ProgramData\NVIDIA 2017-03-28 15:05 - 2009-07-14 00:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-03-28 15:05 - 2009-07-14 00:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-03-28 14:49 - 2014-01-22 16:18 - 00000000 ____D C:\Windows\pss 2017-03-28 14:45 - 2009-07-14 01:13 - 00006700 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-28 14:25 - 2014-08-18 06:55 - 00000000 ____D C:\Program Files (x86)\Steam 2017-03-28 14:05 - 2016-11-18 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-03-28 14:02 - 2014-03-16 20:45 - 00000000 ____D C:\Users\Frazier\AppData\Local\Battle.net 2017-03-28 13:10 - 2015-05-25 20:37 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2017-03-28 12:07 - 2014-03-16 20:45 - 00000000 ____D C:\Program Files (x86)\Battle.net 2017-03-28 12:00 - 2012-05-11 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-03-28 11:52 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration 2017-03-28 10:51 - 2011-11-15 13:55 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2017-03-25 19:22 - 2012-05-14 14:50 - 00000000 ____D C:\Program Files (x86)\Diablo III 2017-03-25 18:43 - 2014-04-20 15:44 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-03-25 18:42 - 2014-04-20 15:39 - 00000000 ____D C:\Program Files\Microsoft Office 15 2017-03-15 04:20 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache 2017-03-15 03:29 - 2009-07-14 00:45 - 05143416 _____ C:\Windows\system32\FNTCACHE.DAT 2017-03-15 03:26 - 2014-12-10 04:23 - 00000000 ____D C:\Windows\system32\appraiser 2017-03-15 03:26 - 2014-05-18 03:19 - 00000000 ___SD C:\Windows\system32\CompatTel 2017-03-15 03:26 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\DVD Maker 2017-03-15 03:10 - 2014-03-23 16:07 - 00000000 ____D C:\Windows\system32\MRT 2017-03-15 03:01 - 2014-03-23 16:07 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-03-14 22:40 - 2012-04-17 13:05 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-03-14 22:40 - 2012-04-17 13:05 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-03-14 22:40 - 2011-11-15 13:35 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-03-14 22:40 - 2011-11-15 13:35 - 00000000 ____D C:\Windows\system32\Macromed 2017-03-14 22:40 - 2011-11-15 12:48 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-03-14 11:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF 2017-03-10 19:48 - 2014-03-18 16:40 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2017-03-08 17:11 - 2015-04-22 07:50 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2017-03-05 15:14 - 2016-07-09 21:17 - 00000000 ____D C:\Users\Frazier\AppData\Local\CrashDumps 2017-02-28 17:27 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf 2017-02-28 17:26 - 2011-11-30 13:35 - 00006640 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-02-28 17:21 - 2011-11-15 12:23 - 00000000 ____D C:\Users\Frazier ==================== Files in the root of some directories ======= 2014-09-22 13:37 - 2016-10-21 10:46 - 0000033 _____ () C:\Users\Frazier\AppData\Roaming\AdobeWLCMCache.dat 2015-12-14 18:26 - 2015-12-14 18:26 - 0000112 _____ () C:\Users\Frazier\AppData\Roaming\JP2K CS6 Prefs 2016-05-29 11:37 - 2016-05-29 11:37 - 0000028 _____ () C:\Users\Frazier\AppData\Roaming\kulerdata.json 2015-12-13 19:52 - 2016-09-28 14:46 - 0000536 _____ () C:\Users\Frazier\AppData\Roaming\mainhst.zgh 2013-11-03 16:24 - 2013-12-08 22:00 - 0001456 _____ () C:\Users\Frazier\AppData\Local\Adobe Save for Web 13.0 Prefs 2013-01-23 20:43 - 2013-01-23 20:43 - 0017408 _____ () C:\Users\Frazier\AppData\Local\WebpageIcons.db 2013-09-18 20:08 - 2013-09-18 20:08 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== 2017-03-28 15:01 - 2017-03-28 15:01 - 13414504 _____ (Reimage) C:\Users\Frazier\AppData\Local\Temp\ReimagePackage.exe 2017-03-28 14:57 - 2017-03-28 14:57 - 12713704 _____ (Learnpulse) C:\Users\Frazier\AppData\Local\Temp\ScreenpressoUpd.exe 2016-08-16 03:48 - 2016-08-16 03:48 - 0488960 _____ () C:\Users\Frazier\AppData\Local\Temp\sqlite3.exe 2006-10-30 13:10 - 2006-10-30 13:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Frazier\AppData\Local\Temp\_isE5E5.exe 2006-05-22 21:10 - 2006-05-22 21:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Frazier\AppData\Local\Temp\_isFA7E.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale en-US inherit {globalsettings} default {current} resumeobject {161d710c-0fbe-11e1-b5d7-c0a0040be296} displayorder {current} toolsdisplayorder {memdiag} timeout 30 displaybootmenu No Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 7 locale en-US inherit {bootloadersettings} recoverysequence {161d710e-0fbe-11e1-b5d7-c0a0040be296} recoveryenabled No osdevice partition=C: systemroot \Windows resumeobject {161d710c-0fbe-11e1-b5d7-c0a0040be296} nx OptIn bootstatuspolicy IgnoreAllFailures hypervisorlaunchtype Off Windows Boot Loader ------------------- identifier {161d710e-0fbe-11e1-b5d7-c0a0040be296} device ramdisk=[C:]\Recovery\161d710e-0fbe-11e1-b5d7-c0a0040be296\Winre.wim,{161d710f-0fbe-11e1-b5d7-c0a0040be296} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[C:]\Recovery\161d710e-0fbe-11e1-b5d7-c0a0040be296\Winre.wim,{161d710f-0fbe-11e1-b5d7-c0a0040be296} systemroot \windows nx OptIn winpe Yes Resume from Hibernate --------------------- identifier {161d710c-0fbe-11e1-b5d7-c0a0040be296} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale en-US inherit {resumeloadersettings} filedevice partition=C: filepath \hiberfil.sys debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems Yes Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {161d710f-0fbe-11e1-b5d7-c0a0040be296} description Ramdisk Options ramdisksdidevice partition=C: ramdisksdipath \Recovery\161d710e-0fbe-11e1-b5d7-c0a0040be296\boot.sdi LastRegBack: 2017-03-26 12:14 ==================== End of FRST.txt ============================