Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Intermittent wifi issues and slow computer

Started by SumMom , Jul 04 2018 08:41 AM

Please log in to reply

#31
SumMom

Posted 11 July 2018 - 03:04 PM

Member

Topic Starter
Member
69 posts

Thanks Ron!

Very frustrating day. Internet access is very slow. Booted the modem and router. No change. Printer isn't working consistently probably due to network burps. Ran diagnostics. "The DNS server is not responding", but then it was fine and nothing was diagnosed. Chrome was being crazy. Every time I opened it, instead of getting the tabs I have set up, I get the old ones and new ones over and over again. I uninstalled Chrome and reinstalled. Was better, but now showing symptoms again.

To your questions:

If you pause it does the PC gat faster? Not really, but I now have it on schedule to back up at 10pm daily.

Won't hurt to do chkdsk: Done. No big smiles yet.

I'm puzzled by your reg query and search file results. You have two of the aoddriver2.sys files but the newest one is not being used. Instead it's pointing at the older version. On mine (which has a newer version) it points to the same location as yours but I have the newer file there. Let's try replacing the old file with the new one.

Ran FRST and pressed Fix:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018

Ran by Owner (11-07-2018 15:42:00) Run:1

Running from C:\Users\Owner\Desktop

Loaded Profiles: Owner (Available Profiles: Owner & Administrator)

Boot Mode: Normal

==============================================

fixlist content:

*****************

Replace: C:\Program Files\AMD\ATI.ACE\Fuel\amd64\aoddriver2.sys C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys

CMD: sc start AODDriver4.2

CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

___

Booted

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018

Ran by Owner (11-07-2018 15:58:39)

Running from C:\Users\Owner\Desktop

Windows 10 Home Version 1803 17134.137 (X64) (2018-07-09 01:28:49)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3571816096-2060556278-31395193-500 - Administrator - Disabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-3571816096-2060556278-31395193-503 - Limited - Disabled)

Guest (S-1-5-21-3571816096-2060556278-31395193-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-3571816096-2060556278-31395193-1004 - Limited - Enabled)

mari__000 (S-1-5-21-3571816096-2060556278-31395193-1006 - Administrator - Enabled)

Owner (S-1-5-21-3571816096-2060556278-31395193-1002 - Administrator - Enabled) => C:\Users\Owner

rwilb_000 (S-1-5-21-3571816096-2060556278-31395193-1005 - Administrator - Enabled)

WDAGUtilityAccount (S-1-5-21-3571816096-2060556278-31395193-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)

Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)

Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)

AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)

Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)

Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Carbonite (HKLM-x32\...\{ADD4D4D2-4489-43A7-A141-7EDF2C5FB68E}) (Version: 6.3.3 build 7602 (Feb-02-2018) - Carbonite)

Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)

CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)

Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)

Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)

ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)

Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden

Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)

HP Documentation (HKLM-x32\...\{A64DC543-B6C3-4745-AAD6-AC9F1B765BCF}) (Version: 1.2.0.0 - Hewlett-Packard)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP MyRoom (HKLM-x32\...\{2C839F0F-5494-454D-9980-A14C5C5EB3EF}) (Version: 10.4.0168 - Hewlett-Packard)

HP PC Hardware Diagnostics Windows (HKLM-x32\...\{BD2CDEAF-8D83-4553-A3B3-8B614CC6C96E}) (Version: 1.1.0.0 - HP Inc)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)

HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.6.18.11 - Hewlett-Packard Company)

HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.9.24.3 - Hewlett-Packard Company)

HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)

HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)

HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)

HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden

iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)

iTunes (HKLM\...\{BE065D5C-5EB5-4F39-A112-32897C297935}) (Version: 12.7.5.9 - Apple Inc.)

LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)

Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)

Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.5041.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - )

OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)

Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden

PSTViewer Pro 7 (HKLM\...\{B515BC8D-408D-4CF5-AC6C-9B1E0E0F0DDF}) (Version: 7.5.460.0 - Encryptomatic, LLC)

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)

Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)

Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)

UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden

Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)

ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)

ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-07] (AVAST Software)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-07] (AVAST Software)

ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)

ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-07] (AVAST Software)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)

ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2018-02-02] (Carbonite, Inc.)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-07] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {044350E6-C3C5-4CED-8E81-E108D50431F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)

Task: {085870AA-6BAE-45B7-88ED-334ACA819686} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)

Task: {0E187970-92E9-4845-A603-7BA6F471A31F} - System32\Tasks\HP AR Program Upload - cd662528bad74f0292fc12464c7f590c95db0a604934478da499cbe1489bfc24 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {10AE2ED3-1B20-4805-A65D-7D421CA08CC6} - System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {177467AE-55D0-41B9-B9F7-47AF0E868074} - System32\Tasks\HP AR Program Upload - 20ed4d4523514baaba4a379532fad29c25009e0232454e64a64bfc0931fdb127 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {1B9E9F96-542C-47C4-BDFF-9F31231CB1DF} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => Powershell -noexit -command "&{$carbProgramDataPath = $env:ProgramData + '\Carbonite\Carbonite Backup\';$upgradeExe = 'CarboniteUpgrade.exe';$upgradeFullPath = $carbProgramDataPath + $upgradeExe;$logFile = 'CarboniteUpgrade.log';$logFileFullPath = $carbProgramDataPath + $logFile;$psversion = [string]$psversio (the data entry has 1818 more characters).

Task: {3495BB16-2E14-4DAC-AB62-655B3B0BA71B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-05-23] (Apple Inc.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {36213528-338C-4470-B040-6C6A0FDC8D55} - System32\Tasks\HP AR Program Upload - e041d3ba528447cd8a3844a84947d474a1fe7e4ca863435ca58430f52790766e => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {36D9A5E8-1F70-49A4-8B08-08037022370D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {400F66B8-07BE-4DB3-BC52-BA839403206F} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)

Task: {43A37047-D17B-481E-8379-4BDE10AB52FE} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe

Task: {48F3CA6F-826F-4888-B2C1-33EAD7E7DF3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)

Task: {4F6EF9E0-DAE6-4851-A4A3-0266415CDACB} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

Task: {550D2824-4CA8-40C3-85AA-B97123F2621D} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)

Task: {5817C11C-86B3-4C1F-871A-86A39564403E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-07] (AVAST Software)

Task: {5AF5D8A6-BB01-4809-A80D-35BF4E651DDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {5B8AB74A-2B49-4B48-BC4F-7D19FBE93555} - System32\Tasks\HP AR Program Upload - 54e913671e304774bb065d953d8785201a8e6e5732094e1d93d2575b01c6f336 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {5C43B687-2B29-424F-931C-843259C0FE8A} - System32\Tasks\HP AR Program Upload - 6cbae8e051084ba4901ec4d9d7ec410b7452d3c81fe24303b4468b1b176103fe => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {61BCC6F0-1C1F-4916-8202-6D49B8DB1B8C} - System32\Tasks\HP AR Program Upload - d520a4fe92ff45c5b7400be608664b4dbc44d3556d914fc28e24b6c8d18faea5 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()

Task: {66D5B3F6-BE8F-4974-AE40-6C4BF5CEEC6C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-06-12] (Microsoft Corporation)

Task: {66F1E160-B411-48FD-ADED-FFD1EFEBE882} - System32\Tasks\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {68409B33-DABC-4696-B6CB-62576828BAE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-06-27] (HP Inc.)

Task: {6B57DBC6-BCAC-4E1A-A658-9A6E99E7CFD2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)

Task: {736121B3-183E-452A-BC9C-8681AB220B09} - System32\Tasks\HP AR Program Upload - d3b4ac90ff1641e3a105836f88570e3038466b74f0ea490fbae29202b9f29ff6 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {7A88A5CF-A084-4356-9477-79ECF5C5D823} - System32\Tasks\HP AR Program Upload - ae42614dad434ccfb23d43e802ad066f34eb2bd3afec47b5a2ecf6513f105e7f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {7E634445-1972-4713-8AD9-62C341B39542} - System32\Tasks\HP AR Program Upload - a69930d82c9c49c592a14a8213aec954705e24a9f8064e95a918baeb82840aff => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {81113475-3698-49CD-B799-5ED7F9FD85D7} - System32\Tasks\HP AR Program Upload - bda91eab68504b46a4567215c6dfc6d041f3c17eba4d49d39020975a73a92bf2 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {827104DF-5CD3-41FE-BF14-DE784E404802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {82967426-2E44-4132-A32D-1E808A3639D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)

Task: {839DD036-FCB9-42E0-AC65-F6F9F81033F0} - System32\Tasks\HP AR Program Upload - 23b4b9df709e4eb7a03669f2d3e6d9c3968db8bb0a364ce8ac8c72758fea4a6e => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {87590BD9-1A74-4549-826D-7BAE682EA7C4} - System32\Tasks\HP AR Program Upload - 3302f8c4da98408f9de824303d72f7e8ecaa8997014c430ab5febfcd754d1ec8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {891034CC-A26D-453A-93E2-C1C12576F7CB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)

Task: {8BDA85CB-8CA8-4674-A3D0-E5E8175D47B2} - System32\Tasks\HP AR Program Upload - b60302ff0fd149c3b28a5599a1d0d2ac522aab96f53946c1b0283e24fbc072bd => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {90F02EDA-B3E2-4F92-BCEF-6A0BEF528E56} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-18] (Synaptics Incorporated)

Task: {934D048D-6A77-439E-BAB6-CF200D9E9EE9} - System32\Tasks\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {93EF3557-8EEB-4F1F-9657-C4E583490EDB} - System32\Tasks\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {94C66E5B-F752-4DDF-B70F-A8B44ACF4981} - System32\Tasks\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {958BB90D-CE00-47B2-807C-4E980390CCA6} - System32\Tasks\HP AR Program Upload - c4522da8b5b643d8ae5242a4d41af0140023c55c804c4c5c956057afdacf9d56 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {96C81D51-D447-4500-8994-980C0C3A727F} - System32\Tasks\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {9A52E4A7-2C5B-45BC-9E9A-8463D7316092} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

Task: {9E24DEB6-D146-43D5-A951-971D3C33503C} - System32\Tasks\HP AR Program Upload - 3575c51157384e2d8ce2c98e4f3828e4836b0231d51c493ba822ab8c186ffbca => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {A6CD674D-E253-4A8B-B67E-F8BD6074E621} - System32\Tasks\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {A708FEFA-B10A-48BC-A597-BC8AD1A6226D} - System32\Tasks\HP AR Program Upload - 88cc1119b3b5443ba7c463ff649a914dfa3022a442f149619cfeca508af1b7db => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {AA9646CB-519F-4CF0-BB80-C881C88B72B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)

Task: {AEDA639D-00B6-4EFF-9BDE-C796EC7A44D5} - System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {BD82E335-26E4-421E-BDBB-CC21E1414541} - System32\Tasks\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {BE06E552-7606-40C2-A537-E51E43287E11} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

Task: {BFCCCE98-5B63-49C8-8BCA-31CE483EDADA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)

Task: {C8B4D475-2A8D-4B01-8E2F-8794CC4434F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-22] ()

Task: {C9EAF3AD-E02B-4205-8FF7-42AA419D76DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {CAF5EB68-236D-4AEA-9DE0-FFFDA880E3F3} - System32\Tasks\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {CF6A0242-24C3-4D56-9504-35C88A271C4F} - System32\Tasks\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {D262BC84-89BB-477C-9794-A8EE4748EF23} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)

Task: {D68DC9B7-9724-48D6-AFFA-F326B3CB4C50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)

Task: {D8015EC6-FC86-434B-A369-7D10D676B2F4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated)

Task: {D9AA527F-7F7F-4E2C-92DC-D6F0D031C8BC} - System32\Tasks\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {E324B319-B289-405C-87F3-7A4F92659AA8} - System32\Tasks\HP AR Program Upload - 82cbb129e1d4435cb8f43ac75d80fc026037922f70a14a3eaae9b1fc51a5df84 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {E6AB8001-0B5B-49CC-93E6-D26EE67964D4} - \Optimize Start Menu Cache Files-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION

Task: {E8F05230-863A-4482-9B69-B54C526DE88E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)

Task: {F86DD61A-78CA-4A0D-A3BB-98C4A359859E} - System32\Tasks\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {F8AAB4A0-F4C8-487C-A15D-751AC942F116} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)

Task: {FB0405CE-1534-4DEA-B5F6-8822D36939F2} - System32\Tasks\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

Task: {FE44855B-8408-4395-B8D7-8DB8875960A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {FE8A1AD1-2C74-44EF-BDCF-86BAB3EAF9B2} - System32\Tasks\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-04-11 18:34 - 2018-04-11 18:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll

2014-07-05 00:33 - 2014-07-05 00:33 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-08-04 08:24 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2017-03-23 19:17 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll

2018-04-11 18:34 - 2018-04-11 18:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll

2018-04-11 18:34 - 2018-04-11 18:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2018-07-11 12:23 - 2018-06-22 14:15 - 002663768 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libglesv2.dll

2018-07-11 12:23 - 2018-06-22 14:15 - 000128856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libegl.dll

2015-08-04 00:25 - 2015-08-04 00:25 - 000102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2018-05-15 18:59 - 2018-05-15 18:59 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2018-05-15 18:59 - 2018-05-15 18:59 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll

2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2018-07-07 11:26 - 2018-07-07 11:26 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2018-07-07 11:25 - 2018-07-07 11:25 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll

2018-07-07 11:25 - 2018-07-07 11:25 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll

2018-07-11 15:48 - 2018-07-11 15:48 - 000098816 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32api.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000110080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\pywintypes27.dll

2018-07-11 15:48 - 2018-07-11 15:48 - 000364544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\pythoncom27.dll

2018-07-11 15:48 - 2018-07-11 15:48 - 000320512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32com.shell.shell.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000914432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_hashlib.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 001176576 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._core_.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000806400 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._gdi_.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000816128 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._windows_.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 001067008 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._controls_.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000733184 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._misc_.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000682496 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\pysqlite2._sqlite.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_ctypes.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000686080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\unicodedata.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000119808 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32file.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000108544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32security.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000007168 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\hashobjs_ext.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000017920 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\thumbnails_ext.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\usb_ext.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000012800 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\common.time34.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000018432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32event.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000167936 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32gui.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000046080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_socket.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 001303552 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_ssl.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000128512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_elementtree.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000127488 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\pyexpat.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000038912 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32inet.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000036864 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_psutil_windows.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000525208 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\windows._lib_cacheinvalidation.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000011264 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32crypt.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000123392 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._wizard.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000077312 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._html2.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000027648 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_multiprocessing.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000020480 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\_yappi.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000035840 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32process.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000078848 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\wx._animate.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000024064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32pipe.pyd

2018-07-11 15:48 - 2018-07-11 15:48 - 000010240 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\select.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000025600 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32pdh.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000017408 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32profile.pyd

2018-07-11 15:49 - 2018-07-11 15:49 - 000022528 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI69802\win32ts.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [132]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2018-07-11 12:06 - 000475752 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

0.0.0.0 fr.a2dfp.net

0.0.0.0 m.fr.a2dfp.net

0.0.0.0 mfr.a2dfp.net

0.0.0.0 ad.a8.net

0.0.0.0 asy.a8ww.net

0.0.0.0 static.a-ads.com

0.0.0.0 abcstats.com

0.0.0.0 a.abv.bg

0.0.0.0 adserver.abv.bg

0.0.0.0 adv.abv.bg

0.0.0.0 bimg.abv.bg

0.0.0.0 ca.abv.bg

0.0.0.0 track.acclaimnetwork.com

0.0.0.0 accuserveadsystem.com

0.0.0.0 www.accuserveadsystem.com

0.0.0.0 achmedia.com

0.0.0.0 csh.actiondesk.com

0.0.0.0 ads.activepower.net

0.0.0.0 ad.activesolutions.cz

0.0.0.0 app.activetrail.com

0.0.0.0 traffic.acwebconnecting.com

0.0.0.0 office.ad1.ru

0.0.0.0 cms.ad2click.nl

0.0.0.0 ad2games.com

0.0.0.0 content.ad20.net

0.0.0.0 core.ad20.net

0.0.0.0 banner.ad.nu

0.0.0.0 adadvisor.net

0.0.0.0 wad.adbasket.net

There are 12587 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "rUpdater agent"

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C59DABB1-D9E6-4DF4-A294-E81D391E92A5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

FirewallRules: [{5E30AD18-8EAA-4BF8-8BFF-EAC022BF4B12}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

FirewallRules: [{DF13A479-CB9C-4BAC-926D-E2D8F9E4540A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe

FirewallRules: [{A39E471C-69E2-4450-A4A7-3D2F22335499}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe

FirewallRules: [{3EE068E8-FB6F-4C4A-BBAE-83D88ADD8BDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{A7ECA197-A1F1-4BD9-A900-492A5589F2A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{1083BED6-5058-430C-9743-33BBE94B539C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{D3FA597B-101F-4007-A590-8FEF4EB0D2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{42457AA8-D3F7-4A76-B462-BAE2E0DBC77C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{B5DDBEA5-9C2A-4448-8C0D-DDA67D3193FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{602656AC-A642-41ED-B5FA-75FF3895D696}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{15C5240F-C70C-4E1A-B2F9-CC8F7E52E2F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe

FirewallRules: [{40DB4255-C9ED-48C3-A7A8-6545E91223CB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

FirewallRules: [{3EE36798-7D0C-4A43-B25F-ED27FC599234}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

FirewallRules: [{7E7E7E65-2F44-476A-A2BE-E9626193EA5B}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [UDP Query User{25BB462A-3926-42E9-9008-C5EA57BF69D3}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe

FirewallRules: [TCP Query User{518D0F4D-1C6D-4C62-B7D6-542DCE8E38AB}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe

FirewallRules: [{6BED2BA7-7EE0-421F-819D-168785BCBB23}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe

FirewallRules: [{F67360EC-D1B4-4492-BF95-126FB166C09A}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe

FirewallRules: [{00C14A15-BA90-42E0-90AF-F6501B2B34CE}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{6121C2E9-D55E-4AEA-8056-FCF01E4A60E4}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{2DDFEF7C-4252-47A7-A850-7F6DE7AAE8A2}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe

FirewallRules: [{CE704780-EA55-45B5-863D-329DC98C67BA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe

FirewallRules: [{74F795BD-037C-42F3-81DB-B9123E5D8BA2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

FirewallRules: [{97A3064E-8034-4672-A47B-89428E45EB41}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

FirewallRules: [{B0B82F4E-742A-4039-A581-3BBAAD3A109A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe

FirewallRules: [{FAD139DC-3C20-46A0-B0FA-79B788C4D521}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe

FirewallRules: [{87BFF0F6-3908-45E2-B21B-1F8B5D09ACB4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

FirewallRules: [{9C6496B5-B155-48B3-A5DC-71ED669DDD17}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

FirewallRules: [{83923E4A-E76D-417E-B862-9020CFB46E4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{351EF3AF-88D8-482E-945B-25FF2832EE88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{D638B2EF-CC5C-4538-B716-EAA5B4743DF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe

FirewallRules: [{A7CA6AA7-4AEF-416D-AB9E-30E35D196984}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe

FirewallRules: [{BD15BCC9-A39B-4AD8-895C-72C83C45273D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe

FirewallRules: [{D5259FD3-0338-4BE1-B6CD-8CC43E6C1E6F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe

FirewallRules: [{8D0072BD-E00E-45AF-BB20-C494CC61DCAB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{4B9F8D77-C991-4DC1-B527-A69887EC7768}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

FirewallRules: [{F1599A5B-1DAA-4C18-A357-CD55FBC5E13F}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

FirewallRules: [{396330BB-5710-41EF-A8BA-23CE2FADD2A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{7A1165C8-33B0-45CC-B0BD-67A27987A24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{ACA4B57B-91B6-4C55-B263-5CB0F0513E44}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7779F5EA-1A36-4D36-B05D-EF490367065A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{2CC95ACD-940D-4E6A-9710-2E0E68460B8B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe

FirewallRules: [{84FB5B07-15B4-4B51-BC03-4B3BE4AFA0D9}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe

FirewallRules: [{35EA0C09-0C1A-4D45-920C-28EAC803655A}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe

FirewallRules: [{E7AD625E-BF54-4F83-ABC3-705FE22BF357}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe

FirewallRules: [{FE25341A-3A39-4AD8-8479-68329B3176D0}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe

FirewallRules: [{C9E34CCC-7F9B-4D57-88BA-2C4232D6C9FF}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe

FirewallRules: [{D558E438-88B2-4F22-842A-A4D153B87271}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{347CEAF3-405C-475C-86AD-B20989C9B73E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{7C3927CE-AB1F-4BCF-8442-1058D560C8C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe

FirewallRules: [{634BCF34-41D8-4812-9210-DA02A9C518A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe

FirewallRules: [{55E88299-1570-4F2A-BC9A-DE240029A836}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe

FirewallRules: [{45AF73DB-CD3D-4F03-8EF9-049243F17417}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe

FirewallRules: [{00746B45-66F9-4130-9C7B-7A7A54A70541}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe

FirewallRules: [{9134EBE7-9E0F-40DE-BB1B-2CCA814DDD34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe

FirewallRules: [{F92DAB55-2100-4496-B092-7E35940BFF7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe

FirewallRules: [{51C4E45A-C5B3-4317-93B6-2665A00761F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{79DCA3DD-4808-443E-BFB4-44676B141AC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{07811608-DE1B-41AB-809C-6947EBE250FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{97FA3EA0-087C-417B-A5C6-B3921B71BD78}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{85069B8E-3B43-4C5C-8590-AFC4E70CC0BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe

FirewallRules: [{D5670B83-EC57-4AB4-81A7-6AAFEF693881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe

FirewallRules: [{9036D1A4-7A6A-4072-8CCC-DEB98F6E11FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe

FirewallRules: [{C75FE225-25C9-4498-B13D-E528F0E138D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe

FirewallRules: [{921CE967-0573-4D10-AAA0-300AFB330F3E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe

FirewallRules: [{A78FD93C-B533-401E-823E-2461329B8FE1}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe

FirewallRules: [{0965F846-D44F-4F7D-B066-5877018DE037}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{E1DF5F8A-6CE9-4C46-8D8F-68EEDB4A2D6F}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{A841F4B1-5F9E-4474-A2D0-95352830D027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe

FirewallRules: [{C6475F0E-5D77-4B16-97C6-587DA739B3FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe

FirewallRules: [{4968CAF8-E343-4C59-9CA7-2A3471C5E885}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

FirewallRules: [{98DA7191-3F2A-47F7-8BA3-C7DCABB2E231}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{AAAD9B1F-46F0-443B-A64C-9D661F2551C3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe

FirewallRules: [{E4B674E1-82E2-46E4-A221-9919620027C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{DF95C8D4-A149-4209-AC3E-15C8C92565A1}] => (Allow) LPort=2869

FirewallRules: [{5A0F632A-07F3-47FE-9D97-F6AF0B12BFFE}] => (Allow) LPort=1900

FirewallRules: [TCP Query User{71AC7401-346A-45C3-B98B-D550DC856710}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe

FirewallRules: [UDP Query User{A2AF0334-2FCF-4785-8A0B-C9CF15103A60}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe

FirewallRules: [{D9F0CD80-DBDF-4F1D-999F-D27C39E72091}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{BCB20815-7187-40E4-93FD-33F9652EC2B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{532A1504-1CD6-4EB1-9D88-832CBD4B5C61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{0E3C8F37-B259-467D-9705-8B028BE6EC29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{A27AC6B7-9386-4046-A5FC-CA4E784E252C}C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe] => (Allow) C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe

FirewallRules: [UDP Query User{17E70F61-2A90-4038-99C1-E3E301908547}C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe] => (Allow) C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe

FirewallRules: [{DA255DC9-2407-4C72-A10A-6EE58EF0F48E}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4E94\HPDiagnosticCoreUI.exe

FirewallRules: [{C19CD7DF-1589-44A7-81AA-93A1AB02F7AC}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4E94\HPDiagnosticCoreUI.exe

FirewallRules: [{EE26E174-F3C5-49ED-AF96-4375BFCDBECD}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe

FirewallRules: [{800C00E8-0043-4285-912D-0520878E7EC6}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe

FirewallRules: [{18E10B91-7357-48E0-9BEE-0ABBF4D0DDF1}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS05FF\HPDiagnosticCoreUI.exe

FirewallRules: [{31DF2E4F-9E8E-47E5-9D91-A52BA735A296}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS05FF\HPDiagnosticCoreUI.exe

FirewallRules: [{957EB282-E084-47CC-B39B-80D364889A03}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS47A6\HPDiagnosticCoreUI.exe

FirewallRules: [{300DA682-686B-463F-8588-B8A412BB71A1}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS47A6\HPDiagnosticCoreUI.exe

FirewallRules: [{F2BB004C-5B84-479B-8369-CCAF95A19623}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2A62\HPDiagnosticCoreUI.exe

FirewallRules: [{D1CC354E-D6A5-4079-9DA4-3B563E7D9575}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2A62\HPDiagnosticCoreUI.exe

FirewallRules: [{FB992C17-D058-4DD3-A5AD-3339C78A723C}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS46D5\HPDiagnosticCoreUI.exe

FirewallRules: [{0FE2E7E4-F32E-4911-8F01-36A810ACFB00}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS46D5\HPDiagnosticCoreUI.exe

FirewallRules: [{55DA8EEB-690B-495A-95A3-B26CA824A927}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4942\HPDiagnosticCoreUI.exe

FirewallRules: [{88857203-A1FA-4BCA-8BE0-72BCA49B776D}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4942\HPDiagnosticCoreUI.exe

FirewallRules: [{990D2631-3B2B-444C-8DBB-F1D9570E62D3}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe

FirewallRules: [{B2C5544D-344E-4CAE-B2AD-C3805792486D}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe

FirewallRules: [{E0E0A570-D893-4779-BFAF-EB53DBAADFF3}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe

FirewallRules: [{429639AD-9DE5-472D-AD04-12B0CC70E418}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe

FirewallRules: [{73AE8A15-EBDB-4066-975D-D371BE7941B7}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe

FirewallRules: [{9DD3C300-69E9-410D-9768-8268DF317099}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe

FirewallRules: [{A8173068-98E1-4B84-B5A2-BF0124A68372}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

FirewallRules: [TCP Query User{382F7EB3-5714-4345-8B1B-F5A202BA5724}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{7F34302A-BCF1-4EA2-8C6F-6DA96B634481}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe

FirewallRules: [{48567314-E293-4B53-93F7-7F2367196B48}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

08-07-2018 22:34:28 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

System errors:

=============

Error: (07/11/2018 03:57:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/11/2018 03:49:36 PM) (Source: DCOM) (EventID: 10016) (User: PC)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{D63B10C5-BB46-4990-A94F-E40B9D520160}

and APPID

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

to the user PC\Owner SID (S-1-5-21-3571816096-2060556278-31395193-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/11/2018 03:47:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID

Windows.SecurityCenter.WscDataProtection

and APPID

Unavailable

to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/11/2018 03:47:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

Error: (07/11/2018 03:47:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)

Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}

and APPID

{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}

Error: (07/11/2018 03:46:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The AODDriver4.2.0 service failed to start due to the following error:

The system cannot find the file specified.

==================== Memory info ===========================

Processor: AMD A10-5745M APU with Radeon™ HD Graphics

Percentage of memory in use: 53%

Total physical RAM: 5336.26 MB

Available physical RAM: 2488.8 MB

Total Virtual: 6232.26 MB

Available Virtual: 3426.78 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:667.83 GB) (Free:489.51 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (RECOVERY) (Fixed) (Total:28.33 GB) (Free:2.82 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{d97b525b-7a5d-437e-893c-9c5d4d441855}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS

\\?\Volume{50f53de4-8d16-4edb-b6fc-3dcb950c07ce}\ () (Fixed) (Total:1.7 GB) (Free:1.09 GB) NTFS

\\?\Volume{17aec459-3ed0-4961-bb44-098682a07aaa}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 698.6 GB) (Disk ID: 44766419)

Partition: GPT.

==================== End of Addition.txt ============================

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018

Ran by Owner (administrator) on PC (11-07-2018 15:53:06)

Running from C:\Users\Owner\Desktop

Loaded Profiles: Owner (Available Profiles: Owner & Administrator)

Platform: Windows 10 Home Version 1803 17134.137 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe

(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-07] (AVAST Software)

HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)

HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278568 2018-02-02] (Carbonite, Inc.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)

HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1588568 2018-06-22] (Google Inc.)

Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk [2018-07-11]

ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

GroupPolicyScripts: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{0c0a2277-4bd3-4e28-bd32-48f83edcc842}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{6d8dd44a-b54f-4d3e-b5b2-28304bfcd113}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{b8f28657-6e8a-4fed-b22c-341d02a71645}: [DhcpNameServer] 192.168.1.1

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1

HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1

SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-05-27] (Microsoft Corporation)

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)

BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-27] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)

FireFox:

========

FF DefaultProfile: g5a5vmkh.default

FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\g5a5vmkh.default [2018-07-04]

FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi

FF Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18] [Legacy] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-28] [Legacy] [not signed]

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-02] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll [2012-07-18] (Nuance Communications Inc.)

Chrome:

=======

CHR HomePage: Default -> mysearch.avg.com

CHR StartupUrls: Default -> "hxxps://outlook.live.com/owa/?authRedirect=true","hxxps://www.google.com/search?q=delete+printer+queue&oq=delete+printer+queue&aqs=chrome..69i57j69i60l2j69i65j69i60l2.3271j0j7&sourceid=chrome&ie=UTF-8#kpvalbx=1","hxxps://lastpass.com/?&ac=1&lpnorefresh=1&fromwebsite=1&newvault=1&nk=1"

CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2018-07-11]

CHR Extension: (Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]

CHR Extension: (Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]

CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-06]

CHR Extension: (Quick Maps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-10-06]

CHR Extension: (Cat licking your screen) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bljgfogmfiepjlefknbnfopdoabpldcb [2016-10-06]

CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-06]

CHR Extension: (AVG Secure Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-10-06]

CHR Extension: (Chromebleed) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2016-10-06]

CHR Extension: (Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]

CHR Extension: (iCloud Bookmarks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-10-13]

CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2018-06-16]

CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-08]

CHR Extension: (Pinterest Save Button) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-03]

CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2016-10-06]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-07-03]

CHR Extension: (HP Network Check Launcher) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2017-10-30]

CHR Extension: (Grammarly for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-07-11]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-06]

CHR Extension: (MyPoints Score) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcglgmippekbdbmniknikdgkmnnpdnmh [2018-07-07]

CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2016-10-06]

CHR Extension: (No Name) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-07-06]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]

CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-06]

CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]

CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-08]

CHR HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-07] (AVAST Software)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)

R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)

R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)

R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)

R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)

S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-29] (Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [53760 2017-12-18] (HP)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)

S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)

R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-07-07] (AVAST Software)

S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-07-07] (AVAST Software)

R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-07-07] (AVAST Software)

S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-07-07] (AVAST Software)

R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-07-07] (AVAST Software)

R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-07-07] (AVAST Software)

R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-07-07] (AVAST Software)

R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-07-07] (AVAST Software)

R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-07-07] (AVAST Software)

R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-07-07] (AVAST Software)

R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-07-07] (AVAST Software)

R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-12-07] (Advanced Micro Devices)

R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [39936 2017-12-18] (HP)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-07] (REALiX™)

R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-11] (MediaTek Inc.)

R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)

R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)

R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [302808 2015-12-07] (Realtek Semiconductor Corp.)

S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)

S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-12-07] (Realtek )

R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)

R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)

S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-05] (Synaptics Incorporated)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-29] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-29] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-29] (Microsoft Corporation)

R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-11 15:52 - 2018-07-11 15:52 - 000000000 ___HD C:\OneDriveTemp

2018-07-11 15:42 - 2018-07-11 15:44 - 000001460 _____ C:\Users\Owner\Desktop\Fixlog.txt

2018-07-11 15:28 - 2018-07-11 15:28 - 000000080 ___SH C:\bootTel.dat

2018-07-11 15:14 - 2018-07-11 15:51 - 000001716 _____ C:\Users\Owner\Desktop\July 11 1.txt

2018-07-11 12:23 - 2018-07-11 12:23 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2018-07-11 12:23 - 2018-07-11 12:23 - 000002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2018-07-11 11:56 - 2018-07-11 11:56 - 000000000 ____D C:\Users\Owner\AppData\Local\D3DSCache

2018-07-10 18:18 - 2018-07-10 18:18 - 000583411 _____ C:\Users\Owner\Downloads\policy_information.pdf

2018-07-10 17:09 - 2018-07-10 17:50 - 000000650 _____ C:\Users\Owner\Desktop\Search.txt

2018-07-10 16:47 - 2018-07-10 17:50 - 000001103 _____ C:\Users\Owner\Desktop\July 10 3.txt

2018-07-10 13:25 - 2018-07-10 13:37 - 000014128 _____ C:\Users\Owner\Desktop\July 10 2.txt

2018-07-10 12:06 - 2018-07-10 12:06 - 000000000 ____D C:\ProgramData\ATI

2018-07-10 12:04 - 2018-07-10 12:04 - 000000000 ____D C:\Users\Owner\AppData\Local\AppEx Networks

2018-07-10 11:54 - 2018-07-10 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream

2018-07-10 11:53 - 2018-07-10 11:54 - 000000000 ____D C:\Program Files\AMD Quick Stream

2018-07-10 11:53 - 2018-07-10 11:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2018-07-10 11:53 - 2015-04-03 01:14 - 000229056 ____N (AppEx Networks Corporation) C:\WINDOWS\system32\Drivers\appexDrv.sys

2018-07-10 11:48 - 2018-07-10 11:50 - 000000000 ____D C:\WINDOWS\LastGood.Tmp

2018-07-10 11:45 - 2018-07-10 11:45 - 000000000 ____D C:\Program Files (x86)\AMD

2018-07-10 11:32 - 2018-07-10 11:35 - 041081896 _____ (AMD Inc.) C:\Users\Owner\Desktop\radeon-software-adrenalin-18.6.1-minimalsetup-180613_web.exe

2018-07-10 11:29 - 2018-07-10 11:29 - 000000000 ____D C:\Users\Owner\AppData\Local\RadeonInstaller

2018-07-10 11:21 - 2013-06-22 09:35 - 000074456 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

2018-07-10 11:15 - 2018-07-10 11:16 - 005889088 _____ (Hewlett-Packard ) C:\Users\Owner\Desktop\sp63430.exe

2018-07-10 09:52 - 2018-07-10 09:54 - 082424584 _____ C:\Users\Owner\Downloads\PS7520_1315-1.exe

2018-07-10 09:51 - 2018-07-11 11:40 - 000000004 _____ C:\Users\Owner\Desktop\July 10 1.txt

2018-07-09 12:15 - 2018-07-09 12:16 - 000011382 _____ C:\Users\Owner\Desktop\20180709 2.txt

2018-07-09 10:06 - 2018-07-09 10:06 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys

2018-07-09 10:04 - 2018-07-09 10:05 - 027086392 _____ (Adlice Software) C:\Users\Owner\Desktop\RogueKiller_portable64.exe

2018-07-09 10:02 - 2018-07-09 10:03 - 000000000 ____D C:\ProgramData\RogueKiller

2018-07-09 09:35 - 2018-07-10 13:34 - 000013907 _____ C:\Users\Owner\Desktop\Registry.txt

2018-07-09 09:29 - 2018-07-09 09:29 - 000000494 _____ C:\Users\Owner\Desktop\How to Run.txt

2018-07-09 09:09 - 2018-07-09 09:09 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView

2018-07-09 09:09 - 2018-07-09 09:09 - 000000000 ____D C:\Program Files (x86)\NirSoft

2018-07-09 09:07 - 2018-07-09 10:41 - 000020303 _____ C:\Users\Owner\Desktop\20180709 1.txt

2018-07-09 09:07 - 2018-07-09 09:07 - 000141568 _____ C:\Users\Owner\Desktop\shexview_setup.exe

2018-07-08 22:41 - 2018-07-08 20:28 - 000000000 ____D C:\Windows.old

2018-07-08 20:32 - 2018-07-08 20:32 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

2018-07-08 20:28 - 2018-07-08 20:28 - 000000020 ___SH C:\Users\Owner\ntuser.ini

2018-07-08 20:26 - 2018-07-11 15:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2018-07-08 20:26 - 2018-07-11 12:14 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update

2018-07-08 20:26 - 2018-07-10 16:03 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2018-07-08 20:26 - 2018-07-10 11:56 - 000004140 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6C107CDE-C7DB-48E4-A899-F05B4D935BA0}

2018-07-08 20:26 - 2018-07-09 00:10 - 000003230 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOwner

2018-07-08 20:26 - 2018-07-08 20:28 - 000003640 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier

2018-07-08 20:26 - 2018-07-08 20:28 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781

2018-07-08 20:26 - 2018-07-08 20:28 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 82cbb129e1d4435cb8f43ac75d80fc026037922f70a14a3eaae9b1fc51a5df84

2018-07-08 20:26 - 2018-07-08 20:28 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3

2018-07-08 20:26 - 2018-07-08 20:28 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d

2018-07-08 20:26 - 2018-07-08 20:28 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7

2018-07-08 20:26 - 2018-07-08 20:28 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4

2018-07-08 20:26 - 2018-07-08 20:27 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2018-07-08 20:26 - 2018-07-08 20:27 - 000003338 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - e041d3ba528447cd8a3844a84947d474a1fe7e4ca863435ca58430f52790766e

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - d520a4fe92ff45c5b7400be608664b4dbc44d3556d914fc28e24b6c8d18faea5

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - d3b4ac90ff1641e3a105836f88570e3038466b74f0ea490fbae29202b9f29ff6

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - c4522da8b5b643d8ae5242a4d41af0140023c55c804c4c5c956057afdacf9d56

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - bda91eab68504b46a4567215c6dfc6d041f3c17eba4d49d39020975a73a92bf2

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - b60302ff0fd149c3b28a5599a1d0d2ac522aab96f53946c1b0283e24fbc072bd

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - ae42614dad434ccfb23d43e802ad066f34eb2bd3afec47b5a2ecf6513f105e7f

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - a69930d82c9c49c592a14a8213aec954705e24a9f8064e95a918baeb82840aff

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 88cc1119b3b5443ba7c463ff649a914dfa3022a442f149619cfeca508af1b7db

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 6cbae8e051084ba4901ec4d9d7ec410b7452d3c81fe24303b4468b1b176103fe

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 54e913671e304774bb065d953d8785201a8e6e5732094e1d93d2575b01c6f336

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 3575c51157384e2d8ce2c98e4f3828e4836b0231d51c493ba822ab8c186ffbca

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 3302f8c4da98408f9de824303d72f7e8ecaa8997014c430ab5febfcd754d1ec8

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 23b4b9df709e4eb7a03669f2d3e6d9c3968db8bb0a364ce8ac8c72758fea4a6e

2018-07-08 20:26 - 2018-07-08 20:27 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f

2018-07-08 20:26 - 2018-07-08 20:27 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3571816096-2060556278-31395193-1002

2018-07-08 20:26 - 2018-07-08 20:27 - 000002814 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686

2018-07-08 20:26 - 2018-07-08 20:27 - 000002814 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3

2018-07-08 20:26 - 2018-07-08 20:27 - 000002804 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-PC-Owner

2018-07-08 20:26 - 2018-07-08 20:27 - 000002750 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Photosmart 7520 series

2018-07-08 20:26 - 2018-07-08 20:27 - 000002700 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics

2018-07-08 20:26 - 2018-07-08 20:27 - 000002646 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask

2018-07-08 20:26 - 2018-07-08 20:26 - 000007584 _____ C:\WINDOWS\System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}

2018-07-08 20:26 - 2018-07-08 20:26 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2018-07-08 20:26 - 2018-07-08 20:26 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - cd662528bad74f0292fc12464c7f590c95db0a604934478da499cbe1489bfc24

2018-07-08 20:26 - 2018-07-08 20:26 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 20ed4d4523514baaba4a379532fad29c25009e0232454e64a64bfc0931fdb127

2018-07-08 20:26 - 2018-07-08 20:26 - 000003110 _____ C:\WINDOWS\System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65

2018-07-08 20:26 - 2018-07-08 20:26 - 000002108 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements

2018-07-08 20:26 - 2018-07-08 20:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD

2018-07-08 20:26 - 2018-07-08 20:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard

2018-07-08 20:26 - 2018-07-08 20:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software

2018-07-08 20:26 - 2018-07-08 20:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple

2018-07-08 20:22 - 2018-07-08 20:26 - 000011433 _____ C:\WINDOWS\diagwrn.xml

2018-07-08 20:22 - 2018-07-08 20:26 - 000011433 _____ C:\WINDOWS\diagerr.xml

2018-07-08 20:07 - 2018-07-09 09:28 - 000931444 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2018-07-08 19:54 - 2018-07-08 19:54 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2018-07-08 19:50 - 2018-07-08 20:28 - 000000000 ____D C:\Users\Owner

2018-07-08 19:50 - 2018-07-08 20:05 - 000000000 ____D C:\Users\Administrator\Documents\hp.system.package.metadata

2018-07-08 19:50 - 2018-07-08 20:05 - 000000000 ____D C:\Users\Administrator

2018-07-08 19:50 - 2018-07-08 19:52 - 000000000 ____D C:\Users\Owner\AppData\Roaming\hpqLog

2018-07-08 19:50 - 2018-07-08 19:52 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Hewlett-Packard

2018-07-08 19:50 - 2018-07-08 19:51 - 000000000 ____D C:\Users\Owner\AppData\Local\Google

2018-07-08 19:50 - 2018-07-08 19:51 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\hpqLog

2018-07-08 19:50 - 2018-04-11 18:34 - 000001105 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-07-08 19:50 - 2018-04-11 18:34 - 000001105 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2018-07-08 19:50 - 2016-08-17 04:59 - 000000000 ____D C:\Users\Owner\Documents\hp.system.package.metadata

2018-07-08 19:50 - 2016-08-17 04:59 - 000000000 ____D C:\Users\Owner\Documents\hp.applications.package.appdata

2018-07-08 19:50 - 2016-08-17 04:59 - 000000000 ____D C:\Users\Administrator\Documents\hp.applications.package.appdata

2018-07-08 19:50 - 2016-08-17 04:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Hewlett-Packard

2018-07-08 19:50 - 2016-08-17 04:59 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google

2018-07-08 19:47 - 2018-07-08 19:47 - 000000000 ____D C:\ProgramData\USOShared

2018-07-08 19:47 - 2018-04-11 18:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2018-07-08 19:42 - 2018-07-11 14:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2018-07-08 19:42 - 2018-07-08 19:59 - 000291520 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2018-07-08 17:35 - 2018-07-08 17:35 - 000021057 _____ C:\Users\Owner\Desktop\VINO Admin log.txt

2018-07-08 17:32 - 2018-07-08 17:32 - 000021057 _____ C:\Users\Owner\Desktop\VINO System.txt

2018-07-08 17:30 - 2018-07-10 12:27 - 000004838 _____ C:\VEW.txt

2018-07-08 17:25 - 2018-07-08 17:26 - 000061440 _____ ( ) C:\Users\Owner\Desktop\VEW.exe

2018-07-08 14:05 - 2018-07-07 11:26 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys

2018-07-08 14:05 - 2018-07-07 11:26 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys

2018-07-08 14:05 - 2018-07-07 11:25 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys

2018-07-08 14:05 - 2017-12-06 11:02 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151257624425004

2018-07-08 14:05 - 2017-11-19 09:01 - 000455384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys.151110027226503

2018-07-08 14:05 - 2017-07-28 07:27 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.150124491484303

2018-07-08 14:01 - 2018-07-07 11:26 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

2018-07-08 13:59 - 2018-07-08 22:41 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate

2018-07-08 13:42 - 2018-07-08 13:58 - 000000000 ____D C:\WINDOWS\ServiceProfiles

2018-07-08 13:18 - 2018-07-08 13:18 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL

2018-07-08 13:18 - 2018-07-08 13:18 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL

2018-07-08 13:18 - 2018-07-08 13:18 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL

2018-07-08 13:18 - 2018-07-08 13:18 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL

2018-07-08 13:18 - 2018-07-08 13:18 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll

2018-07-08 13:18 - 2018-07-08 13:18 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 022714368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 022003712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL

2018-07-08 13:17 - 2018-07-08 13:17 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL

2018-07-08 13:17 - 2018-07-08 13:17 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2018-07-08 13:17 - 2018-07-08 13:17 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2018-07-08 13:17 - 2018-07-08 13:17 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001360384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL

2018-07-08 13:17 - 2018-07-08 13:17 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2018-07-08 13:17 - 2018-07-08 13:17 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys

2018-07-08 13:17 - 2018-07-08 13:17 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll

2018-07-08 13:17 - 2018-07-08 13:17 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl

2018-07-08 13:16 - 2018-07-08 13:16 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx

2018-07-08 13:16 - 2018-07-08 13:16 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe

2018-07-08 13:16 - 2018-07-08 13:16 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll

2018-07-08 13:16 - 2018-07-08 13:16 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat

2018-07-08 13:15 - 2018-07-08 13:15 - 009147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001981384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2018-07-08 13:15 - 2018-07-08 13:15 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2018-07-08 13:15 - 2018-07-08 13:15 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl

2018-07-08 13:15 - 2018-07-08 13:15 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx

2018-07-08 13:15 - 2018-07-08 13:15 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000541600 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys

2018-07-08 13:15 - 2018-07-08 13:15 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe

2018-07-08 13:15 - 2018-07-08 13:15 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll

2018-07-08 13:15 - 2018-07-08 13:15 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat

2018-07-08 13:14 - 2018-07-08 13:15 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE

2018-07-08 13:14 - 2018-07-08 13:14 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL

2018-07-08 13:14 - 2018-07-08 13:14 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys

2018-07-08 13:14 - 2018-07-08 13:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll

2018-07-08 13:14 - 2018-07-08 13:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe

2018-07-08 13:14 - 2018-07-08 13:14 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001175056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2018-07-08 13:13 - 2018-07-08 13:13 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2018-07-08 13:13 - 2018-07-08 13:13 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000709848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2018-07-08 13:13 - 2018-07-08 13:13 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2018-07-08 13:13 - 2018-07-08 13:13 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000482472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2018-07-08 13:13 - 2018-07-08 13:13 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2018-07-08 13:13 - 2018-07-08 13:13 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe

2018-07-08 13:13 - 2018-07-08 13:13 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2018-07-08 13:13 - 2018-07-08 13:13 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2018-07-08 13:12 - 2018-07-08 13:12 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2018-07-08 13:12 - 2018-07-08 13:12 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL

2018-07-08 13:12 - 2018-07-08 13:12 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2018-07-08 13:12 - 2018-07-08 13:12 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2018-07-08 13:12 - 2018-07-08 13:12 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL

2018-07-08 13:12 - 2018-07-08 13:12 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000134560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys

2018-07-08 13:12 - 2018-07-08 13:12 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll

2018-07-08 13:12 - 2018-07-08 13:12 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim

2018-07-08 12:27 - 2018-07-08 12:27 - 000000000 ____D C:\inetpub

2018-07-08 12:25 - 2018-07-08 12:25 - 000000000 ____D C:\Program Files\Reference Assemblies

2018-07-08 12:25 - 2018-07-08 12:25 - 000000000 ____D C:\Program Files\MSBuild

2018-07-08 12:25 - 2018-07-08 12:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies

2018-07-08 12:25 - 2018-07-08 12:25 - 000000000 ____D C:\Program Files (x86)\MSBuild

2018-07-08 12:23 - 2018-07-08 12:23 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll

2018-07-08 12:23 - 2018-07-08 12:23 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll

2018-07-08 12:23 - 2018-07-08 12:23 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2018-07-08 12:23 - 2018-07-08 12:23 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2018-07-08 12:23 - 2018-07-08 12:23 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe

2018-07-08 12:23 - 2018-07-08 12:23 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe

2018-07-08 12:18 - 2018-07-08 12:18 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2018-07-08 12:18 - 2018-07-08 12:18 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2018-07-08 12:18 - 2018-07-08 12:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll

2018-07-08 12:18 - 2018-07-08 12:18 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll

2018-07-08 12:18 - 2018-07-08 12:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll

2018-07-08 12:18 - 2018-07-08 12:18 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll

2018-07-08 12:18 - 2018-07-08 12:18 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml

2018-07-08 12:18 - 2018-07-08 12:18 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml

2018-07-08 12:01 - 2018-07-08 12:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe

2018-07-08 12:01 - 2018-07-08 12:01 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe

2018-07-08 12:01 - 2018-07-08 12:01 - 000058524 _____ C:\WINDOWS\system32\srms.dat

2018-07-08 11:19 - 2018-07-08 11:19 - 000008192 _____ C:\WINDOWS\system32\config\userdiff

2018-07-07 16:53 - 2018-07-11 10:37 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump

2018-07-07 16:45 - 2018-07-11 14:52 - 000001043 _____ C:\Users\Owner\Desktop\LatencyMon.lnk

2018-07-07 16:45 - 2018-07-09 15:40 - 000001043 _____ C:\Users\Owner\Desktop\In Depth Latency Tests.lnk

2018-07-07 16:41 - 2018-07-08 17:38 - 000018237 _____ C:\Users\Owner\Desktop\Hardware Interrupts and DPCs.txt

2018-07-07 11:58 - 2018-07-08 20:30 - 000000000 ___DC C:\WINDOWS\Panther

2018-07-07 11:28 - 2018-07-07 11:28 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk

2018-07-07 11:28 - 2018-07-07 11:28 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2018-07-07 11:28 - 2018-07-07 11:28 - 000000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software

2018-07-07 11:26 - 2018-07-07 11:26 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys

2018-07-07 11:26 - 2018-07-07 11:25 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

2018-07-07 11:24 - 2018-07-07 11:24 - 000000000 ____D C:\Program Files\AVAST Software

2018-07-07 10:56 - 2018-07-08 14:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID

2018-07-07 10:55 - 2018-07-07 10:55 - 001798176 _____ (CPUID, Inc. ) C:\Users\Owner\Desktop\cpu-z_1.85-en.exe

2018-07-07 10:55 - 2018-07-07 10:55 - 000000000 ____D C:\Program Files\CPUID

2018-07-05 15:25 - 2018-07-11 15:02 - 000001083 _____ C:\Users\Owner\Desktop\SpeedFan.lnk

2018-07-05 15:25 - 2018-07-11 15:02 - 000000000 ____D C:\Program Files (x86)\SpeedFan

2018-07-05 15:25 - 2018-07-08 19:57 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan

2018-07-05 15:25 - 2018-07-05 15:25 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo

2018-07-05 15:23 - 2018-07-05 15:23 - 003086696 _____ C:\Users\Owner\Desktop\instspeedfan452 (1).exe

2018-07-05 09:14 - 2018-07-05 09:14 - 000178320 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup_online_cnet2.exe

2018-07-04 15:22 - 2018-07-08 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite

2018-07-04 15:22 - 2018-07-04 15:22 - 000002212 _____ C:\Users\Public\Desktop\Carbonite.lnk

2018-07-04 15:18 - 2018-07-08 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon

2018-07-04 15:18 - 2018-07-07 16:45 - 000000000 ____D C:\Program Files\LatencyMon

2018-07-04 15:18 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys

2018-07-04 15:17 - 2018-07-04 15:17 - 002476504 _____ (Resplendence Software Projects Sp. ) C:\Users\Owner\Desktop\LatencyMon.exe

2018-07-04 13:24 - 2018-07-04 15:07 - 000129140 _____ C:\Users\Owner\Desktop\PC.txt

2018-07-04 13:22 - 2018-07-08 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy

2018-07-04 13:22 - 2018-07-04 13:22 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk

2018-07-04 13:22 - 2018-07-04 13:22 - 000000000 ____D C:\Program Files\Speccy

2018-07-04 13:21 - 2018-07-04 13:21 - 006889184 _____ (Piriform Ltd) C:\Users\Owner\Desktop\spsetup132.exe

2018-07-04 13:18 - 2018-07-10 17:05 - 000000320 _____ C:\junk.txt

2018-07-04 13:15 - 2018-07-04 13:15 - 000021740 _____ C:\Users\Owner\Desktop\System Idle Process.txt

2018-07-04 13:08 - 2018-07-09 09:31 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS

2018-07-04 13:08 - 2018-07-04 13:08 - 002724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\Owner\Desktop\procexp.exe

2018-07-04 09:35 - 2018-07-04 09:37 - 000070567 _____ C:\Users\Owner\Desktop\Addition.txt

2018-07-04 09:32 - 2018-07-11 15:55 - 000024854 _____ C:\Users\Owner\Desktop\FRST.txt

2018-07-04 09:32 - 2018-07-11 15:53 - 000000000 ____D C:\FRST

2018-07-03 16:04 - 2018-07-03 16:05 - 002412544 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe

2018-07-03 14:37 - 2018-07-03 14:37 - 000125399 _____ C:\Users\Owner\Downloads\hosts.zip

2018-07-02 11:51 - 2018-07-02 11:51 - 008723637 _____ C:\Users\Owner\Downloads\ocm01756784-1896.pdf

2018-06-29 08:43 - 2018-06-29 08:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2018-06-28 07:41 - 2018-07-07 15:56 - 000000000 ____D C:\Users\Owner\AppData\Local\CrashDumps

2018-06-28 07:37 - 2018-07-07 11:43 - 000000000 ____D C:\Users\Owner\AppData\Local\AVAST Software

2018-06-27 17:33 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll

2018-06-27 16:59 - 2018-06-27 17:21 - 866014505 _____ C:\Users\Owner\Downloads\windows10.0-kb4284822-x64_0fcd8ba2f62befe1ab243819de299e16052571b2.msu

2018-06-27 16:38 - 2018-06-27 16:39 - 013669907 _____ C:\Users\Owner\Downloads\windows10.0-kb4090914-x64_c72e85e0ed037eee289e3793c01b5f0a0f7b63f1.msu

2018-06-27 16:30 - 2018-06-27 16:30 - 000195346 _____ C:\Users\Owner\Downloads\wu170509 (1).diagcab

2018-06-27 16:19 - 2018-06-27 16:19 - 000195346 _____ C:\Users\Owner\Downloads\wu170509.diagcab

2018-06-26 16:04 - 2018-06-26 16:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2018-06-26 16:03 - 2018-06-26 16:04 - 000273318 _____ C:\WINDOWS\ntbtlog.txt

2018-06-20 06:07 - 2018-07-10 11:02 - 000000000 ____D C:\ProgramData\Packages

2018-06-17 16:05 - 2018-06-17 16:05 - 000020584 _____ C:\Users\Owner\Downloads\eSign.pdf

2018-06-15 10:15 - 2018-06-15 10:15 - 000512879 _____ C:\Users\Owner\Downloads\voicemail.wav

2018-06-12 10:06 - 2018-06-12 10:10 - 379800106 _____ C:\Users\Owner\Downloads\2018-catalogue-digital.pdf

2018-06-11 13:56 - 2018-06-15 16:51 - 000012186 _____ C:\Users\Owner\Documents\BowWow Menders KAM Snap Inventory.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-11 15:57 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2018-07-11 15:52 - 2015-09-03 16:45 - 000000000 ___RD C:\Users\Owner\OneDrive

2018-07-11 15:51 - 2015-10-04 12:45 - 000000000 ___RD C:\Users\Owner\iCloudDrive

2018-07-11 15:46 - 2018-04-11 16:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2018-07-11 15:45 - 2015-12-01 15:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin

2018-07-11 15:18 - 2015-08-01 18:31 - 000000000 ____D C:\ProgramData\panda_url_filtering

2018-07-11 15:02 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness

2018-07-11 15:00 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\NDF

2018-07-11 12:23 - 2015-08-01 18:03 - 000000000 ____D C:\Program Files (x86)\Google

2018-07-11 11:08 - 2014-12-13 21:52 - 000000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics

2018-07-10 17:31 - 2017-06-12 10:32 - 000000000 ____D C:\Users\Owner\Desktop\Temp

2018-07-10 16:03 - 2015-08-11 12:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2018-07-10 11:54 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF

2018-07-10 11:52 - 2016-08-17 04:37 - 000000000 ____D C:\Program Files\AMD

2018-07-10 11:42 - 2014-12-13 15:27 - 000000000 ____D C:\AMD

2018-07-10 11:21 - 2013-11-01 12:09 - 000000000 ____D C:\Program Files (x86)\Realtek

2018-07-10 11:01 - 2016-01-03 09:56 - 000000000 ___RD C:\Users\Owner\Documents\Scanned Documents

2018-07-10 10:59 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps

2018-07-09 15:40 - 2015-08-09 18:04 - 000001745 _____ C:\Users\Owner\Desktop\Google Drive.lnk

2018-07-09 15:39 - 2015-08-20 11:07 - 000002250 _____ C:\Users\Owner\Desktop\HP Support Assistant.lnk

2018-07-09 11:59 - 2013-08-22 10:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

2018-07-09 09:14 - 2016-07-04 14:00 - 000000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job

2018-07-09 03:32 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\appcompat

2018-07-08 22:42 - 2018-04-11 18:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template

2018-07-08 22:41 - 2018-06-07 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

2018-07-08 22:41 - 2018-05-31 08:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2018-07-08 22:41 - 2018-05-07 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2018-07-08 22:41 - 2018-04-11 18:41 - 000000000 ____D C:\WINDOWS\Setup

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\spool

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\oobe

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\InputMethod

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\InputMethod

2018-07-08 22:41 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

2018-07-08 22:41 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated

2018-07-08 22:41 - 2017-07-13 08:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

2018-07-08 22:41 - 2017-04-17 21:35 - 000000000 ____D C:\Program Files\UNP

2018-07-08 22:41 - 2016-08-17 04:36 - 000000000 ____D C:\WINDOWS\system32\SRSLabs

2018-07-08 22:41 - 2016-07-30 16:33 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2018-07-08 22:41 - 2015-09-07 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow

2018-07-08 22:41 - 2015-09-02 08:57 - 000000000 ____D C:\WINDOWS\en

2018-07-08 22:41 - 2015-08-20 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2018-07-08 22:41 - 2015-08-14 10:26 - 000000000 ____D C:\Program Files (x86)\HP

2018-07-08 22:41 - 2015-08-09 18:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2018-07-08 22:41 - 2015-08-01 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2018-07-08 22:41 - 2014-12-15 23:42 - 000000000 ____D C:\WINDOWS\system32\MRT

2018-07-08 22:41 - 2013-11-01 12:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2018-07-08 22:41 - 2013-11-01 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.0

2018-07-08 22:41 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared

2018-07-08 22:41 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared

2018-07-08 22:41 - 2013-04-27 21:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2018-07-08 22:41 - 2013-04-27 21:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support

2018-07-08 22:41 - 2013-04-27 21:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos

2018-07-08 22:41 - 2013-04-27 21:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe

2018-07-08 22:41 - 2013-04-27 21:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection

2018-07-08 22:41 - 2013-04-27 21:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools

2018-07-08 22:41 - 2013-04-27 21:37 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard

2018-07-08 22:36 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp

2018-07-08 20:47 - 2018-01-20 13:16 - 000000000 ____D C:\Users\Owner\AppData\Local\Packages

2018-07-08 20:30 - 2016-08-17 05:34 - 000000000 ____D C:\Users\Owner\AppData\Local\ConnectedDevicesPlatform

2018-07-08 20:29 - 2018-01-20 13:52 - 000000000 ___RD C:\Users\Owner\3D Objects

2018-07-08 20:29 - 2014-01-14 18:28 - 000000000 __RHD C:\Users\Public\AccountPictures

2018-07-08 20:27 - 2018-04-11 16:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2018-07-08 20:26 - 2018-04-11 18:38 - 000000000 ___RD C:\Program Files\Windows Defender

2018-07-08 20:21 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Registration

2018-07-08 20:13 - 2018-04-11 18:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2018-07-08 20:11 - 2014-12-28 20:49 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat

2018-07-08 19:57 - 2015-12-06 10:15 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP MyRoom

2018-07-08 19:51 - 2012-08-03 17:28 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages

2018-07-08 19:47 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\USOPrivate

2018-07-08 19:47 - 2016-08-17 04:36 - 000000000 ____D C:\WINDOWS\SysWOW64\sda

2018-07-08 17:33 - 2016-10-02 08:31 - 000000000 ____D C:\Users\Owner\AppData\Local\VirtualStore

2018-07-08 14:57 - 2018-04-11 18:38 - 000000000 __RHD C:\Users\Public\Libraries

2018-07-08 14:08 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV

2018-07-08 14:08 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT

2018-07-08 14:08 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\IME

2018-07-08 14:08 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE

2018-07-08 14:08 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB

2018-07-08 14:06 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV

2018-07-08 14:06 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT

2018-07-08 14:06 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\IME

2018-07-08 14:06 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\et-EE

2018-07-08 14:05 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\en-GB

2018-07-08 14:00 - 2016-10-15 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2018-07-08 14:00 - 2015-09-09 16:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Encryptomatic, LLC

2018-07-08 13:59 - 2016-08-17 04:37 - 000000000 ____D C:\Program Files\Synaptics

2018-07-08 13:59 - 2016-08-17 04:37 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\zu-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\yo-NG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\xh-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\wo-SN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\vi-VN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ur-PK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ug-CN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tt-RU

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tn-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tk-TM

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ti-ET

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\te-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sw-KE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sq-AL

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\rw-RW

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\quz-PE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\prs-AF

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\pa-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\or-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\nso-ZA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\nn-NO

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ne-NP

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mt-MT

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mr-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mn-MN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ml-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mk-MK

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\mi-NZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\lo-LA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\lb-LU

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ky-KG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kok-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kn-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\km-KH

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\kk-KZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ka-GE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\is-IS

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ig-NG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\id-ID

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\hy-AM

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\gu-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\gd-GB

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ga-IE

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\fil-PH

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\fa-IR

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\cy-GB

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bn-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\bn-BD

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\be-BY

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\as-IN

2018-07-08 13:27 - 2018-04-12 04:19 - 000000000 ____D C:\WINDOWS\system32\af-ZA

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\ta-in

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\si-lk

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\setup

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\appraiser

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\am-et

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\ShellExperiences

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Provisioning

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2018-07-08 13:27 - 2018-04-11 18:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2018-07-08 13:27 - 2018-04-11 16:04 - 000000000 ____D C:\WINDOWS\system32\Dism

2018-07-08 12:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv

2018-07-08 12:27 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\inetsrv

2018-07-08 12:19 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX

2018-07-08 12:19 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\es-MX

2018-07-05 15:11 - 2017-07-10 15:15 - 000000000 ____D C:\ProgramData\AVAST Software

2018-07-05 02:46 - 2013-11-01 12:25 - 000000000 ____D C:\ProgramData\TEMP

2018-07-04 14:44 - 2016-01-03 09:55 - 000000000 ____D C:\Users\Owner\Documents\Life

2018-06-29 17:04 - 2016-01-01 18:10 - 000000000 ____D C:\Users\Owner\Documents\CheckBook

2018-06-29 08:43 - 2016-01-21 08:23 - 000548000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2018-06-26 16:05 - 2015-09-09 16:24 - 000000000 ____D C:\Users\Owner\AppData\Roaming\rUpdater Software

2018-06-23 15:47 - 2015-08-01 19:08 - 000000000 ____D C:\Program Files\Microsoft Office 15

2018-06-22 16:31 - 2017-12-30 14:16 - 000000000 ____D C:\Users\Owner\Documents\ICE

2018-06-12 17:11 - 2017-10-10 21:19 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe

2018-06-12 17:11 - 2014-12-15 23:42 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2015-10-31 10:28 - 2016-06-03 16:49 - 000007601 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:

====================

2018-07-09 10:02 - 2018-07-08 13:15 - 001945784 _____ (Microsoft Corporation) C:\Users\Owner\AppData\Local\Temp\dllnt_dump.dll

2018-07-11 15:02 - 2018-07-11 15:02 - 000192512 _____ () C:\Users\Owner\AppData\Local\Temp\sfamcc00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-08 19:42

==================== End of FRST.txt ============================

#32
RKinner

Posted 11 July 2018 - 07:08 PM

Malware Expert

Expert
24,625 posts

You can uninstall Avast since you don't like it.

I don't think you got all of the fixlog. There's usually a big gap between where it repeats the fixlist and where it actually does something. This time make sure you Ctrl + a to select everything before copying it to a Reply:

Download the attached fixlist.txt to the same location as FRST

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before. Make sure Addition.txt is checked and hit Scan. Post both logs.

Run Process Explorer again as before and post the log.

#33
SumMom

Posted 12 July 2018 - 08:23 AM

Member

Topic Starter
Member
69 posts

Avast uninstalled. What would you recommend for an anti-virus?

Sorry about the Fixlog. Here is a new one: This time it booted on it's own. Last time I had to boot.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018

Ran by Owner (12-07-2018 08:52:51) Run:2

Running from C:\Users\Owner\Desktop

Loaded Profiles: Owner (Available Profiles: Owner & Administrator)

Boot Mode: Normal

==============================================

fixlist content:

*****************

Task: {E6AB8001-0B5B-49CC-93E6-D26EE67964D4} - \Optimize Start Menu Cache Files-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION

Task: {FE44855B-8408-4395-B8D7-8DB8875960A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

UNLOCK: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys

CMD: DIR /a \Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys

CMD: sc start aoddriver2

Hosts:

CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"

*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E187970-92E9-4845-A603-7BA6F471A31F}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E187970-92E9-4845-A603-7BA6F471A31F}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - cd662528bad74f0292fc12464c7f590c95db0a604934478da499cbe1489bfc24 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - cd662528bad74f0292fc12464c7f590c95db0a604934478da499cbe1489bfc24" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10AE2ED3-1B20-4805-A65D-7D421CA08CC6}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10AE2ED3-1B20-4805-A65D-7D421CA08CC6}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{177467AE-55D0-41B9-B9F7-47AF0E868074}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{177467AE-55D0-41B9-B9F7-47AF0E868074}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 20ed4d4523514baaba4a379532fad29c25009e0232454e64a64bfc0931fdb127 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 20ed4d4523514baaba4a379532fad29c25009e0232454e64a64bfc0931fdb127" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36213528-338C-4470-B040-6C6A0FDC8D55}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36213528-338C-4470-B040-6C6A0FDC8D55}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - e041d3ba528447cd8a3844a84947d474a1fe7e4ca863435ca58430f52790766e => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - e041d3ba528447cd8a3844a84947d474a1fe7e4ca863435ca58430f52790766e" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{550D2824-4CA8-40C3-85AA-B97123F2621D}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{550D2824-4CA8-40C3-85AA-B97123F2621D}" => removed successfully

C:\WINDOWS\System32\Tasks\HPCustParticipation HP Photosmart 7520 series => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP Photosmart 7520 series" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B8AB74A-2B49-4B48-BC4F-7D19FBE93555}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B8AB74A-2B49-4B48-BC4F-7D19FBE93555}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 54e913671e304774bb065d953d8785201a8e6e5732094e1d93d2575b01c6f336 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 54e913671e304774bb065d953d8785201a8e6e5732094e1d93d2575b01c6f336" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C43B687-2B29-424F-931C-843259C0FE8A}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C43B687-2B29-424F-931C-843259C0FE8A}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 6cbae8e051084ba4901ec4d9d7ec410b7452d3c81fe24303b4468b1b176103fe => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 6cbae8e051084ba4901ec4d9d7ec410b7452d3c81fe24303b4468b1b176103fe" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61BCC6F0-1C1F-4916-8202-6D49B8DB1B8C}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61BCC6F0-1C1F-4916-8202-6D49B8DB1B8C}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - d520a4fe92ff45c5b7400be608664b4dbc44d3556d914fc28e24b6c8d18faea5 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - d520a4fe92ff45c5b7400be608664b4dbc44d3556d914fc28e24b6c8d18faea5" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66F1E160-B411-48FD-ADED-FFD1EFEBE882}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66F1E160-B411-48FD-ADED-FFD1EFEBE882}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{736121B3-183E-452A-BC9C-8681AB220B09}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{736121B3-183E-452A-BC9C-8681AB220B09}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - d3b4ac90ff1641e3a105836f88570e3038466b74f0ea490fbae29202b9f29ff6 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - d3b4ac90ff1641e3a105836f88570e3038466b74f0ea490fbae29202b9f29ff6" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A88A5CF-A084-4356-9477-79ECF5C5D823}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A88A5CF-A084-4356-9477-79ECF5C5D823}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - ae42614dad434ccfb23d43e802ad066f34eb2bd3afec47b5a2ecf6513f105e7f => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - ae42614dad434ccfb23d43e802ad066f34eb2bd3afec47b5a2ecf6513f105e7f" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E634445-1972-4713-8AD9-62C341B39542}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E634445-1972-4713-8AD9-62C341B39542}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - a69930d82c9c49c592a14a8213aec954705e24a9f8064e95a918baeb82840aff => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - a69930d82c9c49c592a14a8213aec954705e24a9f8064e95a918baeb82840aff" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81113475-3698-49CD-B799-5ED7F9FD85D7}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81113475-3698-49CD-B799-5ED7F9FD85D7}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - bda91eab68504b46a4567215c6dfc6d041f3c17eba4d49d39020975a73a92bf2 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - bda91eab68504b46a4567215c6dfc6d041f3c17eba4d49d39020975a73a92bf2" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{839DD036-FCB9-42E0-AC65-F6F9F81033F0}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{839DD036-FCB9-42E0-AC65-F6F9F81033F0}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 23b4b9df709e4eb7a03669f2d3e6d9c3968db8bb0a364ce8ac8c72758fea4a6e => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 23b4b9df709e4eb7a03669f2d3e6d9c3968db8bb0a364ce8ac8c72758fea4a6e" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87590BD9-1A74-4549-826D-7BAE682EA7C4}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87590BD9-1A74-4549-826D-7BAE682EA7C4}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 3302f8c4da98408f9de824303d72f7e8ecaa8997014c430ab5febfcd754d1ec8 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 3302f8c4da98408f9de824303d72f7e8ecaa8997014c430ab5febfcd754d1ec8" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BDA85CB-8CA8-4674-A3D0-E5E8175D47B2}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BDA85CB-8CA8-4674-A3D0-E5E8175D47B2}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - b60302ff0fd149c3b28a5599a1d0d2ac522aab96f53946c1b0283e24fbc072bd => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - b60302ff0fd149c3b28a5599a1d0d2ac522aab96f53946c1b0283e24fbc072bd" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{934D048D-6A77-439E-BAB6-CF200D9E9EE9}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{934D048D-6A77-439E-BAB6-CF200D9E9EE9}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93EF3557-8EEB-4F1F-9657-C4E583490EDB}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93EF3557-8EEB-4F1F-9657-C4E583490EDB}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94C66E5B-F752-4DDF-B70F-A8B44ACF4981}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94C66E5B-F752-4DDF-B70F-A8B44ACF4981}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{958BB90D-CE00-47B2-807C-4E980390CCA6}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{958BB90D-CE00-47B2-807C-4E980390CCA6}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - c4522da8b5b643d8ae5242a4d41af0140023c55c804c4c5c956057afdacf9d56 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - c4522da8b5b643d8ae5242a4d41af0140023c55c804c4c5c956057afdacf9d56" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96C81D51-D447-4500-8994-980C0C3A727F}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96C81D51-D447-4500-8994-980C0C3A727F}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E24DEB6-D146-43D5-A951-971D3C33503C}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E24DEB6-D146-43D5-A951-971D3C33503C}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 3575c51157384e2d8ce2c98e4f3828e4836b0231d51c493ba822ab8c186ffbca => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 3575c51157384e2d8ce2c98e4f3828e4836b0231d51c493ba822ab8c186ffbca" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6CD674D-E253-4A8B-B67E-F8BD6074E621}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6CD674D-E253-4A8B-B67E-F8BD6074E621}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A708FEFA-B10A-48BC-A597-BC8AD1A6226D}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A708FEFA-B10A-48BC-A597-BC8AD1A6226D}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 88cc1119b3b5443ba7c463ff649a914dfa3022a442f149619cfeca508af1b7db => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 88cc1119b3b5443ba7c463ff649a914dfa3022a442f149619cfeca508af1b7db" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEDA639D-00B6-4EFF-9BDE-C796EC7A44D5}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEDA639D-00B6-4EFF-9BDE-C796EC7A44D5}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD82E335-26E4-421E-BDBB-CC21E1414541}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD82E335-26E4-421E-BDBB-CC21E1414541}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CAF5EB68-236D-4AEA-9DE0-FFFDA880E3F3}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAF5EB68-236D-4AEA-9DE0-FFFDA880E3F3}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF6A0242-24C3-4D56-9504-35C88A271C4F}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF6A0242-24C3-4D56-9504-35C88A271C4F}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9AA527F-7F7F-4E2C-92DC-D6F0D031C8BC}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9AA527F-7F7F-4E2C-92DC-D6F0D031C8BC}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E324B319-B289-405C-87F3-7A4F92659AA8}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E324B319-B289-405C-87F3-7A4F92659AA8}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 82cbb129e1d4435cb8f43ac75d80fc026037922f70a14a3eaae9b1fc51a5df84 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 82cbb129e1d4435cb8f43ac75d80fc026037922f70a14a3eaae9b1fc51a5df84" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6AB8001-0B5B-49CC-93E6-D26EE67964D4}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6AB8001-0B5B-49CC-93E6-D26EE67964D4}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-3571816096-2060556278-31395193-1002" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F86DD61A-78CA-4A0D-A3BB-98C4A359859E}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F86DD61A-78CA-4A0D-A3BB-98C4A359859E}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB0405CE-1534-4DEA-B5F6-8822D36939F2}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB0405CE-1534-4DEA-B5F6-8822D36939F2}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE44855B-8408-4395-B8D7-8DB8875960A4}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE44855B-8408-4395-B8D7-8DB8875960A4}" => removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE8A1AD1-2C74-44EF-BDCF-86BAB3EAF9B2}" => removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE8A1AD1-2C74-44EF-BDCF-86BAB3EAF9B2}" => removed successfully

C:\WINDOWS\System32\Tasks\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3 => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3" => removed successfully

C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully

C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => moved successfully

C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => moved successfully

"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys" => was unlocked

========= DIR /a \Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys =========

The system cannot find the file specified.

========= End of CMD: =========

========= sc start aoddriver2 =========

[SC] StartService: OpenService FAILED 1060:

The specified service does not exist as an installed service.

========= End of CMD: =========

Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.

Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.

Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.

========= End of CMD: =========

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-07-2018 08:59:08)

C:\Windows\System32\Drivers\etc\hosts => Is moved successfully

Hosts restored successfully.

==== End of Fixlog 08:59:26 ====

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018

Ran by Owner (administrator) on PC (12-07-2018 09:05:36)