Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Window 10 stuck in a boot loop [Solved]

Started by Down_with_malware , Mar 17 2019 12:38 AM

  • This topic is locked This topic is locked

#1
Down_with_malware
Posted 17 March 2019 - 12:38 AM

Down_with_malware

    Member

  • Member
  • PipPipPip
  • 173 posts

One of my family members downloaded a background and it caught some virus that makes it go in an endless bootup loop. I am using another computer and not sure what to try. Thanks for your time!


  • 0

Advertisements

#2
iMacg3
Posted 17 March 2019 - 04:21 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Welcome to the Geeks To Go malware removal forum.
I'm iMacg3 and will be helping you.

Please keep the following information in mind before we begin:
  • Do not run any fixes or tools on your system unless I request that you do so.
  • Please read all instructions completely before you complete them.
  • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
  • If you have pirated or illegal software on your computer, uninstall it before proceeding.
  • If you don't respond to your topic in 4 days, it will be closed. You can have it reopened by sending me or any staff member a PM (Personal Message) with a link to your topic.
  • If you have questions about anything, please ask.
--------------------

What version of Windows does the affected computer run?
  • 0

#3
Down_with_malware
Posted 17 March 2019 - 06:23 PM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts

 

What version of Windows does the affected computer run?

 

 

Thanks for the reply. Windows 10, if that is the answer you are looking for.


Edited by Down_with_malware, 17 March 2019 - 06:24 PM.

  • 0

#4
iMacg3
Posted 17 March 2019 - 06:29 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

Hi,

Boot to Safe Mode
 

  • Start by shutting down your computer.
  • Press on the power button on the case to turn it on.
  • After the computer is about 3 - 5 seconds into the boot-up process, hold down the power button to shut down the computer.
  • Repeat the above process once again.
  • For the third time, turn on the computer and allow it to boot up.
  • If you completed the process correctly, a message saying "Preparing Automatic Repair" should appear.
  • In a few seconds, another message will appear stating "Diagnosing your PC" and Automatic Repair will open.
  • When you reach the Automatic Repair screen, click on "Advanced Options."
  • At the next screen, select "Troubleshoot."
  • When you see the next screen, select "Advanced Options."
  • Select "Startup Settings", then "Restart".
  • After the Startup Settings window appears, hit the "4" key on the keyboard.
  • At the next login prompt screen, enter your password for your computer.
  • If the Safe Mode opens properly, the desktop should appear with "Safe Mode" in each corner of the desktop.
  • Go ahead and shut down your computer once done.

Let me know if you were able to access Safe Mode.


  • 0

#5
Down_with_malware
Posted 17 March 2019 - 08:33 PM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts

Hello, when I pressed f4 for safe mode, a window popped up saying "Windows cannot complete installation in safe mode. To continue to install windows, please restart the computer.

 

I am sorry, I failed to mentioned this before but I didn't think it had to do anything with installing windows, it gives you a choice to select your regional, time and other settings but never completes it and goes on a loop.


  • 0

#6
iMacg3
Posted 17 March 2019 - 08:37 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Recovery Environment Scan
Follow the instructions below to download and execute a scan on your system with FRST from the Recovery Environment, and provide the logs in your next reply.

Item(s) required:
  • USB Flash Drive (size depend on if you have to create a USB Recovery or Installation media)
  • CD/DVD (optional: only needed if you need to create a Recovery or Installation media and your USB Flash Drive is too small)
  • Another computer (optional: only needed if you cannot work from the infected computer directly)
Preparing the USB Flash Drive
  • Download the right version of FRST for your system:
    • FRST 32-bit
    • FRST 64-bit
      Note: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using.
  • Move the executable (FRST.exe or FRST64.exe) on your USB Flash Drive;
Boot in the Recovery Environment
  • Plug your USB Flash Drive in the infected computer;
  • To enter the Recovery Environment with Windows 10, follow the instructions in this tutorial on TenForums;
    Note: If you can't access the Recovery Environment using the method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on TenForums.
Once in the command prompt
  • In the command prompt, type notepad and press on Enter;
  • Notepad will open. Click on the File menu and select Open;
  • Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad;
  • In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter;
  • Note: Replace the letter e with the drive letter of your USB Flash Drive;
  • FRST will open;
  • Click on Yes to accept the disclaimer;
  • Click on the Scan button and wait for the scan to complete;
  • A log called FRST.txt will be saved on your USB Flash Drive. Attach it in your next reply;

  • 0

#7
Down_with_malware
Posted 17 March 2019 - 11:36 PM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts

Hello, I am going to see if I can get the USB or blank CD tomorrow. Thanks for your help so far! I will reply back with the completed steps when I manage to get my hands on one.


  • 0

#8
iMacg3
Posted 18 March 2019 - 07:57 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts

OK, sounds good. :thumbsup:


  • 0

#9
Down_with_malware
Posted 18 March 2019 - 08:50 PM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts


OK, sounds good. :thumbsup:

 

I completed the steps as you wanted and here is the logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by SYSTEM on MININT-584FE3K (18-03-2019 21:44:01)
Running from G:\
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: English (United States)
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235944 2017-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [127480 2017-11-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-27] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1198448 2017-08-30] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\RunOnce: [Unattend0000000001{83EF361F-FBE0-40C3-9D3A-D12A61800E8C}] => C:\windows\system32\oem\pwrcfg.bat [486 2018-05-24] ()
HKLM\...\RunOnce: [Unattend0000000002{EB8278D3-6EE5-4259-99BF-8CCE98C5D75E}] => C:\windows\system32\oem\pwrcfg.bat [486 2018-05-24] ()
HKU\Default\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\defaultuser0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {3EDA329C-6EE9-404F-B075-E2F0FF72693F} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => C:\Windows\system32\ResetEngine.exe (Microsoft Windows -> Microsoft Corporation)
Task: {4DC11491-043B-4C23-875E-DD0B9A68E583} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel® Management Engine Components\iCLS\IntelPTTEKRecertification.exe (Intel® Trust Services -> Intel® Corporation)
Task: {636A6233-311D-4FF3-8A7A-8DE19EB9F9EC} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {A28E353F-6D24-49D6-9F84-4470CB962B5C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe (Dell Inc. -> Dell Inc.)
Task: {B3D42BBA-39BD-4704-A241-C599516372B7} - System32\Tasks\PCDBackgroundMonSetup => C:\Program Files\Dell\SupportAssist\pcdrcui.exe (Dell Inc. -> PC-Doctor, Inc.)
Task: {D03FA46B-F3A2-44AB-BCDC-14744A20337D} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe ()
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {D87D9553-2332-438B-B0B6-8BE3ABE24763} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {E112BA57-821A-4D6E-B844-D09E7B84C83A} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {E425345A-E3C2-4FEC-AEA9-4D6157F8D2F8} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {F6D1DE30-B28B-415E-8D5F-75C9514E8B67} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AESMService; C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_10d045798a3d667e\aesm_service.exe [3367272 2018-11-28] (Intel® Software Development Products -> Intel Corporation)
S2 AtherosSvc; C:\Windows\system32\DRIVERS\AdminService.exe [406504 2018-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-10] (McAfee, Inc. -> McAfee, Inc.)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
S2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [119840 2017-11-03] (Dell Inc -> Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [232832 2018-01-23] (Dell Inc -> Dell Inc.)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc. -> McAfee, Inc.)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel® Rapid Storage Technology -> Intel Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-11-27] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel® Trust Services -> Intel® Corporation)
S2 IRMTService; C:\Program Files\Intel\Intel® Ready Mode Technology\IRMTService.exe [183424 2017-08-08] (Intel® RMT -> Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2484408 2018-07-27] (Rivet Networks LLC -> Rivet Networks)
S4 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [991720 2017-11-22] (McAfee, Inc. -> McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-16] (McAfee, Inc. -> McAfee, Inc.)
S2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc. -> McAfee, Inc.)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-30] (McAfee, Inc. -> McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc. -> McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [357840 2017-09-14] (McAfee, Inc. -> McAfee LLC)
S2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [509904 2017-09-14] (McAfee, Inc. -> McAfee LLC)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [466384 2017-09-14] (McAfee, Inc. -> McAfee LLC)
S2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546904 2017-08-17] (McAfee, Inc. -> McAfee, Inc.)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-14] (McAfee, Inc. -> Intel Security, Inc.)
S2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [190840 2018-06-29] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324584 2017-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-12-18] (Dell Inc. -> Dell Inc.)
S2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [829816 2017-08-30] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-08] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
S2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72888 2018-07-27] (Rivet Networks LLC -> CloudBees, Inc.)
S2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72888 2018-07-27] (Rivet Networks LLC -> CloudBees, Inc.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77288 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [36400 2018-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [165584 2018-06-05] (Rivet Networks LLC -> Qualcomm Atheros, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218336 2017-10-09] (McAfee, Inc. -> McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69632 2017-11-27] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 IntelReadyModeDriver; C:\Windows\System32\drivers\IntelReadyModeDriver.sys [34712 2017-08-08] (Intel Corporation -> Intel Corporation)
S3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [144592 2018-07-27] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [492520 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [355304 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [84024 2017-10-17] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee LLC)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [505320 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [936936 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [505768 2017-11-14] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108456 2017-11-14] (McAfee, Inc. -> McAfee LLC.)
S3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [115176 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252896 2017-10-17] (McAfee, Inc. -> McAfee LLC)
S3 Qcamain10x64; C:\Windows\System32\drivers\Qcamain10x64.sys [2358112 2018-06-29] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
S2 RfeCoSvc; C:\Windows\system32\DRIVERS\RfeCo10X64.sys [129776 2017-09-21] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-18 21:43 - 2019-03-18 21:43 - 000000000 ____D C:\FRST
2019-03-17 21:07 - 2019-03-17 21:09 - 000000000 _____ C:\Recovery.txt
2019-03-17 18:28 - 2019-03-17 18:28 - 000182418 _____ C:\Windows\ntbtlog.txt
2019-03-17 10:29 - 2019-03-17 10:29 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2019-03-17 10:28 - 2019-03-17 10:28 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini
2019-03-17 10:28 - 2019-03-17 08:45 - 000000000 ____D C:\users\defaultuser0
2019-03-17 08:45 - 2019-03-17 15:53 - 000000000 __SHD C:\Users\defaultuser0\IntelGraphicsProfiles
2019-03-16 21:38 - 2019-03-16 21:44 - 000000000 ____D C:\Windows.old
2019-03-16 21:38 - 2019-03-16 21:38 - 000000000 ____D C:\Windows\InfusedApps
2019-03-16 21:37 - 2019-03-16 20:51 - 000000000 ____D C:\Windows\IAStorAfsService
2019-03-16 21:36 - 2019-03-16 21:36 - 000008192 _____ C:\Windows\System32\config\userdiff
2019-03-16 21:36 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\Setup
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\zu-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\yo-NG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\xh-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\wo-SN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\vi-VN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\uz-Latn-UZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ur-PK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ug-CN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\tt-RU
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\tn-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\tk-TM
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ti-ET
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\tg-Cyrl-TJ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\te-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ta-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\sw-KE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-RS
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\sr-Cyrl-BA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\sq-AL
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\si-LK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\sd-Arab-PK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\rw-RW
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\quz-PE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\quc-Latn-GT
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\prs-AF
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\pa-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\pa-Arab-PK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\or-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\nso-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\nn-NO
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ne-NP
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\mt-MT
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\mr-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\mn-MN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ml-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\mk-MK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\mi-NZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\lo-LA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\lb-LU
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ky-KG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ku-Arab-IQ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\kok-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\kn-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\km-KH
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\kk-KZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ka-GE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\is-IS
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ig-NG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\id-ID
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\hy-AM
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ha-Latn-NG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\gu-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\gd-GB
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ga-IE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\fil-PH
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\fa-IR
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\cy-GB
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\chr-CHER-US
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\ca-ES-valencia
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\bs-Latn-BA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\bn-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\bn-BD
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\be-BY
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\az-Latn-AZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\as-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\am-ET
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\af-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\zu-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\yo-NG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\xh-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\wo-SN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\vi-VN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\uz-Latn-UZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ur-PK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ug-CN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\tt-RU
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\tn-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\tk-TM
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ti-ET
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\tg-Cyrl-TJ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\te-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\sw-KE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\sr-Cyrl-RS
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\sr-Cyrl-BA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\sq-AL
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\sd-Arab-PK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\rw-RW
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\quz-PE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\quc-Latn-GT
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\prs-AF
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\pa-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\pa-Arab-PK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\or-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\nso-ZA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\nn-NO
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ne-NP
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\mt-MT
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\mr-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\mn-MN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ml-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\mk-MK
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\mi-NZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\lo-LA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\lb-LU
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ky-KG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ku-Arab-IQ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\kok-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\kn-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\km-KH
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\kk-KZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ka-GE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\is-IS
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ig-NG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\id-ID
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\hy-AM
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ha-Latn-NG
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\gu-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\gd-GB
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ga-IE
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\fil-PH
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\fa-IR
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\cy-GB
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\chr-CHER-US
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ca-ES-valencia
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\bs-Latn-BA
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\bn-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\bn-BD
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\be-BY
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\az-Latn-AZ
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\as-IN
2019-03-16 21:33 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\af-ZA
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\SysWOW64\MailContactsCalendarSync
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\SysWOW64\hi-IN
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\SysWOW64\gl-ES
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\SysWOW64\eu-ES
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\SysWOW64\ca-ES
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\System32\OpenSSH
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\System32\MailContactsCalendarSync
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\System32\hi-IN
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\System32\gl-ES
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\System32\eu-ES
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\System32\ca-ES
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\OCR
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Program Files\MSBuild
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-03-16 21:33 - 2019-03-16 21:33 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\winrm
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\WCN
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\sysprep
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\0409
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\winrm
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\WCN
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\slmgr
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\0409
2019-03-16 21:32 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\DigitalLocker
2019-03-16 21:29 - 2019-03-03 08:54 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-16 21:29 - 2019-03-03 08:54 - 000179608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-16 21:28 - 2019-03-16 21:25 - 000215943 _____ C:\Windows\SysWOW64\dssec.dat
2019-03-16 21:28 - 2019-03-16 21:25 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2019-03-16 21:28 - 2019-03-16 21:25 - 000000741 _____ C:\Windows\SysWOW64\NOISE.DAT
2019-03-16 21:27 - 2019-03-17 17:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-16 21:27 - 2019-03-17 00:31 - 000000000 ____D C:\Windows\System32\WinBioDatabase
2019-03-16 21:27 - 2019-03-17 00:31 - 000000000 ____D C:\Windows\appcompat
2019-03-16 21:27 - 2019-03-16 21:39 - 000000000 ____D C:\Windows\System32\oobe
2019-03-16 21:27 - 2019-03-16 21:38 - 000028672 _____ C:\Windows\System32\config\BCD-Template
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ___SD C:\Windows\SysWOW64\F12
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ___SD C:\Windows\System32\UNP
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ___SD C:\Windows\System32\F12
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ___SD C:\Windows\System32\DiagSvcs
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\TextInput
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\setup
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\WinBioPlugIns
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ta-in
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\SystemResetPlatform
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\si-lk
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\ShellExperiences
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\setup
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\Dism
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\appraiser
2019-03-16 21:27 - 2019-03-16 21:36 - 000000000 ____D C:\Windows\System32\am-et
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Windows\ShellComponents
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Windows\Provisioning
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Windows\bcastdvr
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Program Files\Windows Defender
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-03-16 21:27 - 2019-03-16 21:35 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-16 21:27 - 2019-03-16 21:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ___SD C:\Windows\System32\dsc
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\MUI
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\SysWOW64\com
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\Sysprep
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\MUI
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\migwiz
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\System32\com
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\IME
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\Help
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Program Files\Common Files\system
2019-03-16 21:27 - 2019-03-16 21:32 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ___SD C:\Windows\SysWOW64\Nui
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ____D C:\Windows\SysWOW64\icsxml
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ____D C:\Windows\SysWOW64\downlevel
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ____D C:\Windows\SysWOW64\Bthprops
2019-03-16 21:27 - 2019-03-16 21:28 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 __SHD C:\Program Files\Windows Sidebar
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 __RSD C:\Windows\media
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 __RHD C:\Users\Public\Libraries
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___SD C:\Windows\SysWOW64\Configuration
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___SD C:\Windows\System32\Nui
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___SD C:\Windows\System32\Configuration
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___SD C:\Windows\Downloaded Program Files
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___RD C:\Windows\Offline Web Pages
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___HD C:\Windows\LanguageOverlayCache
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Web
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\WaaS
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Vss
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\tracing
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\TAPI
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\SMI
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\ras
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\NDF
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\Msdtc
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\Ipmi
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\InputMethod
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\IME
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicyUsers
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\FxsTmp
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SysWOW64\AppLocker
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SystemResources
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SystemApps
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\WinMetadata
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\winevt
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\ta-lk
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\SecureBootUpdates
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\ras
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\ProximityToast
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\PointOfService
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\NDF
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\my-mm
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\MsDtc
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\Macromed
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\Ipmi
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\InputMethod
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\inetsrv
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\IME
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\icsxml
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\ias
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\hydrogen
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\DriverState
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\Drivers\DriverData
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\downlevel
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\DDFs
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\config\TxR
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\config\systemprofile
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\config\RegBack
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\config\Journal
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\Bthprops
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\AppLocker
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\AdvancedInstallers
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SKB
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\ServiceState
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\security
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\schemas
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\SchCache
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Resources
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\rescache
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\PLA
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Performance
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\ModemLogs
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\LiveKernelReports
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\L2Schemas
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\InputMethod
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\IdentityCRL
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Globalization
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\GameBarPresenceWriter
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Cursors
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\Branding
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\AppReadiness
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\addins
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files\Windows Security
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files\Windows Portable Devices
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files\windows nt
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files\Common Files\Services
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files (x86)\windows nt
2019-03-16 21:27 - 2019-03-16 21:27 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2019-03-16 21:27 - 2019-03-16 21:25 - 000229376 _____ (Microsoft Corporation) C:\Windows\System32\msclmd.dll
2019-03-16 21:27 - 2019-03-16 21:25 - 000215943 _____ C:\Windows\System32\dssec.dat
2019-03-16 21:27 - 2019-03-16 21:25 - 000017346 _____ C:\Windows\System32\OEMDefaultAssociations.xml
2019-03-16 21:27 - 2019-03-16 21:25 - 000003683 _____ C:\Windows\System32\Drivers\etc\lmhosts.sam
2019-03-16 21:27 - 2019-03-16 21:25 - 000000858 _____ C:\Windows\System32\DefaultQuestions.json
2019-03-16 21:27 - 2019-03-16 21:25 - 000000741 _____ C:\Windows\System32\NOISE.DAT
2019-03-16 21:27 - 2019-03-16 21:12 - 000000000 ____D C:\Windows\System32\FxsTmp
2019-03-16 21:27 - 2019-03-16 21:11 - 000000000 ____D C:\Windows\Registration
2019-03-16 21:27 - 2019-03-16 21:07 - 000000000 ___RD C:\Program Files (x86)
2019-03-16 21:27 - 2019-03-16 21:07 - 000000000 ____D C:\Windows\System32\spool
2019-03-16 21:27 - 2019-03-16 20:55 - 000000000 ___RD C:\Windows\PrintDialog
2019-03-16 21:27 - 2019-03-16 20:55 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-03-16 21:27 - 2019-03-16 20:54 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-16 21:27 - 2019-03-16 20:53 - 000000000 ____D C:\ProgramData\USOPrivate
2019-03-16 21:26 - 2019-03-17 10:04 - 000000000 ____D C:\Windows\INF
2019-03-16 21:21 - 2019-03-16 21:21 - 000000000 ____D C:\Windows\CbsTemp
2019-03-16 21:16 - 2019-03-17 21:23 - 000065536 _____ C:\Windows\System32\config\SAM
2019-03-16 21:16 - 2019-03-17 21:07 - 081002496 _____ C:\Windows\System32\config\SOFTWARE
2019-03-16 21:16 - 2019-03-17 21:02 - 020447232 _____ C:\Windows\System32\config\SYSTEM
2019-03-16 21:16 - 2019-03-17 15:54 - 000524288 _____ C:\Windows\System32\config\DEFAULT
2019-03-16 21:16 - 2019-03-17 15:54 - 000032768 _____ C:\Windows\System32\config\SECURITY
2019-03-16 21:16 - 2019-03-16 21:32 - 000000000 ____D C:\Windows\servicing
2019-03-16 21:16 - 2019-03-16 21:27 - 000000000 ____D C:\Windows\System32\SMI
2019-03-16 21:16 - 2019-03-16 21:13 - 000000000 ____D C:\Windows\Panther
2019-03-16 21:16 - 2019-03-16 21:12 - 000032768 _____ C:\Windows\System32\config\ELAM
2019-03-16 21:16 - 2019-03-16 21:09 - 000008192 _____ C:\Windows\System32\config\BBI
2019-03-16 21:14 - 2019-03-17 10:04 - 000840376 _____ C:\Windows\System32\PerfStringBackup.INI
2019-03-16 21:13 - 2019-03-16 21:13 - 000000000 _SHDL C:\users\Default User
2019-03-16 21:13 - 2019-03-16 21:13 - 000000000 _SHDL C:\users\All Users
2019-03-16 21:13 - 2019-03-16 21:13 - 000000000 _SHDL C:\Documents and Settings
2019-03-16 21:12 - 2019-03-17 18:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-16 21:12 - 2019-03-16 21:13 - 000002386 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2019-03-16 21:12 - 2019-03-16 21:12 - 000003256 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-03-16 21:12 - 2019-03-16 21:12 - 000003180 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2019-03-16 21:12 - 2019-03-16 21:12 - 000002782 _____ C:\Windows\System32\Tasks\PCDBackgroundMonSetup
2019-03-16 21:12 - 2019-03-16 21:12 - 000002486 _____ C:\Windows\System32\Tasks\McAfeeLogon
2019-03-16 21:12 - 2019-03-16 21:12 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2019-03-16 21:12 - 2019-03-16 21:12 - 000000000 ____D C:\Windows\System32\Tasks\Intel
2019-03-16 21:12 - 2019-03-16 21:12 - 000000000 ____D C:\Windows\System32\Drivers\wd
2019-03-16 21:12 - 2018-04-11 15:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-16 21:11 - 2019-03-16 21:11 - 000022744 _____ C:\Windows\System32\emptyregdb.dat
2019-03-16 21:06 - 2019-03-16 21:06 - 000000000 ____D C:\Windows\System32\config\bbimigrate
2019-03-16 20:53 - 2019-03-16 21:07 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-03-16 20:53 - 2019-03-16 20:53 - 000000000 ____D C:\Windows\System32\Drivers\RivetNetworks
2019-03-16 20:53 - 2019-03-16 20:53 - 000000000 ____D C:\ProgramData\USOShared
2019-03-16 20:53 - 2019-03-16 20:53 - 000000000 ____D C:\ProgramData\RivetNetworks
2019-03-16 20:53 - 2019-03-16 20:53 - 000000000 ____D C:\Program Files\Realtek
2019-03-16 20:52 - 2019-03-16 21:07 - 000000000 ____D C:\ProgramData\Intel
2019-03-16 20:52 - 2019-03-16 21:07 - 000000000 ____D C:\Program Files\Intel
2019-03-16 20:52 - 2019-03-16 21:06 - 000000000 ____D C:\Intel
2019-03-16 20:52 - 2019-03-16 20:52 - 000000000 ____H C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-03-16 20:52 - 2019-03-16 20:52 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-03-16 20:52 - 2019-03-16 20:52 - 000000000 _____ C:\Windows\System32\GfxValDisplayLog.bin
2019-03-16 20:52 - 2017-08-15 21:02 - 000140296 _____ (Khronos Group) C:\Windows\System32\OpenCL.DLL
2019-03-16 20:52 - 2017-08-15 21:02 - 000116736 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2019-03-16 20:52 - 2017-07-20 09:21 - 000905504 _____ C:\Windows\System32\vulkan-1.dll
2019-03-16 20:52 - 2017-07-20 09:21 - 000776992 _____ C:\Windows\SysWOW64\vulkan-1.dll
2019-03-16 20:52 - 2017-07-20 09:21 - 000578848 _____ C:\Windows\System32\vulkaninfo.exe
2019-03-16 20:52 - 2017-07-20 09:21 - 000477472 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2019-03-16 20:50 - 2019-03-18 18:28 - 000000000 ____D C:\Windows\System32\SleepStudy
2019-03-16 20:50 - 2019-03-16 21:09 - 000234720 _____ C:\Windows\System32\FNTCACHE.DAT
2019-03-16 20:50 - 2019-03-16 20:50 - 000000000 ____D C:\Windows\ServiceProfiles
2019-03-16 20:02 - 2019-03-16 21:39 - 000000000 ___HD C:\$SysReset
2019-03-12 16:16 - 2019-03-06 07:39 - 000720536 ____N (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2019-03-12 16:16 - 2019-03-06 07:37 - 001616608 ____N (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2019-03-12 16:16 - 2019-03-06 07:36 - 001047352 ____N (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2019-03-12 16:16 - 2019-03-06 07:20 - 000064000 ____N (Microsoft Corporation) C:\Windows\System32\iemigplugin.dll
2019-03-12 16:16 - 2019-03-06 07:19 - 000058368 ____N (Microsoft Corporation) C:\Windows\System32\mf3216.dll
2019-03-12 16:16 - 2019-03-06 07:17 - 012730368 ____N (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2019-03-12 16:16 - 2019-03-06 07:17 - 000810496 ____N C:\Windows\System32\MBR2GPT.EXE
2019-03-12 16:16 - 2019-03-06 07:17 - 000116736 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bridge.sys
2019-03-12 16:16 - 2019-03-06 07:14 - 001180672 ____N (Microsoft Corporation) C:\Windows\System32\localspl.dll
2019-03-12 16:16 - 2019-03-06 07:14 - 000522240 ____N (Microsoft Corporation) C:\Windows\System32\winspool.drv
2019-03-12 16:16 - 2019-03-06 07:14 - 000488448 ____N (Microsoft Corporation) C:\Windows\System32\werui.dll
2019-03-12 16:16 - 2019-03-06 07:13 - 004053504 ____N (Microsoft Corporation) C:\Windows\System32\msi.dll
2019-03-12 16:16 - 2019-03-06 07:13 - 001856512 ____N (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2019-03-12 16:16 - 2019-03-06 07:13 - 001662976 ____N (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2019-03-12 16:16 - 2019-03-06 07:13 - 001364992 ____N (Microsoft Corporation) C:\Windows\System32\bcastdvruserservice.dll
2019-03-12 16:16 - 2019-03-06 07:12 - 001180672 ____N (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2019-03-12 16:16 - 2019-03-06 04:18 - 000918032 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-12 16:16 - 2019-03-06 04:18 - 000607744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-12 16:16 - 2019-03-06 04:10 - 000044544 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-12 16:16 - 2019-03-06 04:09 - 011919360 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-12 16:16 - 2019-03-06 04:06 - 000425472 ____N (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-03-12 16:16 - 2019-03-06 04:05 - 004054016 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-12 16:16 - 2019-03-06 04:05 - 001586176 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-12 16:16 - 2019-03-06 04:04 - 001471488 ____N (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-03-12 16:16 - 2019-03-06 04:04 - 000423936 ____N (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-12 16:16 - 2019-03-06 03:59 - 001008640 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Media.MixedRealityCapture.dll
2019-03-12 16:16 - 2019-03-06 01:29 - 001035040 ____N (Microsoft Corporation) C:\Windows\System32\ApplyTrustOffline.exe
2019-03-12 16:16 - 2019-03-06 01:16 - 002822456 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2019-03-12 16:16 - 2019-03-06 01:16 - 001457032 ____N (Microsoft Corporation) C:\Windows\System32\winload.efi
2019-03-12 16:16 - 2019-03-06 01:16 - 001188000 ____N (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2019-03-12 16:16 - 2019-03-06 01:16 - 000776792 ____N (Microsoft Corporation) C:\Windows\System32\wer.dll
2019-03-12 16:16 - 2019-03-06 01:16 - 000722744 ____N (Microsoft Corporation) C:\Windows\System32\wimgapi.dll
2019-03-12 16:16 - 2019-03-06 01:16 - 000566568 ____N (Microsoft Corporation) C:\Windows\System32\tcblaunch.exe
2019-03-12 16:16 - 2019-03-06 01:16 - 000527160 ____N (Microsoft Corporation) C:\Windows\System32\wimserv.exe
2019-03-12 16:16 - 2019-03-06 01:11 - 000493880 ____N (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2019-03-12 16:16 - 2019-03-06 01:10 - 000248880 ____N (Microsoft Corporation) C:\Windows\System32\weretw.dll
2019-03-12 16:16 - 2019-03-06 01:07 - 001219896 ____N (Microsoft Corporation) C:\Windows\System32\hvix64.exe
2019-03-12 16:16 - 2019-03-06 01:07 - 001023800 ____N (Microsoft Corporation) C:\Windows\System32\hvax64.exe
2019-03-12 16:16 - 2019-03-06 01:07 - 000376120 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\fastfat.sys
2019-03-12 16:16 - 2019-03-06 01:06 - 009084216 ____N (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2019-03-12 16:16 - 2019-03-06 01:06 - 000134968 ____N (Microsoft Corporation) C:\Windows\System32\hvloader.dll
2019-03-12 16:16 - 2019-03-06 01:06 - 000076088 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\hvservice.sys
2019-03-12 16:16 - 2019-03-06 01:05 - 000439224 ____N (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2019-03-12 16:16 - 2019-03-06 01:05 - 000436240 ____N (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2019-03-12 16:16 - 2019-03-06 01:05 - 000159864 ____N (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe
2019-03-12 16:16 - 2019-03-06 01:04 - 002765856 ____N (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2019-03-12 16:16 - 2019-03-06 01:04 - 000945464 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\refsv1.sys
2019-03-12 16:16 - 2019-03-06 01:04 - 000628024 ____N (Microsoft Corporation) C:\Windows\System32\dpx.dll
2019-03-12 16:16 - 2019-03-06 01:03 - 007519896 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2019-03-12 16:16 - 2019-03-06 01:03 - 002719544 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2019-03-12 16:16 - 2019-03-06 01:03 - 002465784 ____N (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2019-03-12 16:16 - 2019-03-06 01:03 - 001921848 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\refs.sys
2019-03-12 16:16 - 2019-03-06 01:03 - 000793400 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys
2019-03-12 16:16 - 2019-03-06 01:03 - 000412984 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2019-03-12 16:16 - 2019-03-06 01:03 - 000375608 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys
2019-03-12 16:16 - 2019-03-06 01:02 - 002421048 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2019-03-12 16:16 - 2019-03-06 01:02 - 001257672 ____N (Microsoft Corporation) C:\Windows\System32\winload.exe
2019-03-12 16:16 - 2019-03-06 01:02 - 001140480 ____N (Microsoft Corporation) C:\Windows\System32\winresume.efi
2019-03-12 16:16 - 2019-03-06 01:02 - 000982912 ____N (Microsoft Corporation) C:\Windows\System32\winresume.exe
2019-03-12 16:16 - 2019-03-06 01:02 - 000626488 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2019-03-12 16:16 - 2019-03-06 00:44 - 025856512 ____N (Microsoft Corporation) C:\Windows\System32\edgehtml.dll
2019-03-12 16:16 - 2019-03-06 00:36 - 022716928 ____N (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2019-03-12 16:16 - 2019-03-06 00:36 - 004383744 ____N (Microsoft Corporation) C:\Windows\System32\EdgeContent.dll
2019-03-12 16:16 - 2019-03-06 00:34 - 004866048 ____N (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2019-03-12 16:16 - 2019-03-06 00:33 - 000046080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2019-03-12 16:16 - 2019-03-06 00:32 - 003399168 ____N (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2019-03-12 16:16 - 2019-03-06 00:32 - 000358912 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\exfat.sys
2019-03-12 16:16 - 2019-03-06 00:32 - 000287232 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2019-03-12 16:16 - 2019-03-06 00:32 - 000209408 ____N (Microsoft Corporation) C:\Windows\System32\AppXApplicabilityBlob.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 007598592 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 002368512 ____N (Microsoft Corporation) C:\Windows\System32\WebRuntimeManager.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 001826816 ____N (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 000894464 ____N (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 000808448 ____N (Microsoft Corporation) C:\Windows\System32\EdgeManager.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 000726528 ____N (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 000353792 ____N (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 000324608 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\udfs.sys
2019-03-12 16:16 - 2019-03-06 00:31 - 000279552 ____N (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2019-03-12 16:16 - 2019-03-06 00:31 - 000266752 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2019-03-12 16:16 - 2019-03-06 00:31 - 000154112 ____N (Microsoft Corporation) C:\Windows\System32\Chakradiag.dll
2019-03-12 16:16 - 2019-03-06 00:29 - 002364928 ____N (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2019-03-12 16:16 - 2019-03-06 00:29 - 002174976 ____N (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll
2019-03-12 16:16 - 2019-03-06 00:29 - 001559552 ____N (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.desktop.dll
2019-03-12 16:16 - 2019-03-06 00:29 - 000736256 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2019-03-12 16:16 - 2019-03-06 00:28 - 004937728 ____N (Microsoft Corporation) C:\Windows\System32\wininet.dll
2019-03-12 16:16 - 2019-03-06 00:28 - 001803776 ____N (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2019-03-12 16:16 - 2019-03-06 00:27 - 002224640 ____N (Microsoft Corporation) C:\Windows\System32\win32kbase.sys
2019-03-12 16:16 - 2019-03-06 00:27 - 000776192 ____N (Microsoft Corporation) C:\Windows\System32\jscript.dll
2019-03-12 16:16 - 2019-03-06 00:27 - 000542720 ____N (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2019-03-12 16:16 - 2019-03-06 00:27 - 000507392 ____N (Microsoft Corporation) C:\Windows\System32\edgeIso.dll
2019-03-12 16:16 - 2019-03-06 00:26 - 000868864 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-12 16:16 - 2019-03-06 00:26 - 000073216 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\npfs.sys
2019-03-12 16:16 - 2019-03-06 00:26 - 000031232 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\msfs.sys
2019-03-12 16:16 - 2019-03-06 00:25 - 000093696 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\cdfs.sys
2019-03-12 16:16 - 2019-03-05 23:08 - 000001310 ____N C:\Windows\System32\tcbres.wim
2019-03-12 16:16 - 2019-03-05 22:17 - 001989040 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-12 16:16 - 2019-03-05 22:17 - 000146712 ____N (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-12 16:16 - 2019-03-05 22:15 - 002253488 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-12 16:16 - 2019-03-05 22:15 - 000434488 ____N (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-12 16:16 - 2019-03-05 22:14 - 006568528 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-12 16:16 - 2019-03-05 22:14 - 000785568 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-12 16:16 - 2019-03-05 22:14 - 000665224 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-12 16:16 - 2019-03-05 22:14 - 000450872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2019-03-12 16:16 - 2019-03-05 22:14 - 000380728 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-12 16:16 - 2019-03-05 22:13 - 000607248 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-12 16:16 - 2019-03-05 22:05 - 022018048 ____N (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-12 16:16 - 2019-03-05 21:56 - 019404288 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-12 16:16 - 2019-03-05 21:53 - 005307392 ____N (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-03-12 16:16 - 2019-03-05 21:53 - 003711488 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-12 16:16 - 2019-03-05 21:52 - 005790720 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-03-12 16:16 - 2019-03-05 21:52 - 000608768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-12 16:16 - 2019-03-05 21:52 - 000261632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-03-12 16:16 - 2019-03-05 21:51 - 000561152 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-12 16:16 - 2019-03-05 21:51 - 000333824 ____N (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-03-12 16:16 - 2019-03-05 21:51 - 000032768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-12 16:16 - 2019-03-05 21:50 - 001628160 ____N (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-12 16:16 - 2019-03-05 21:50 - 001347584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2019-03-12 16:16 - 2019-03-05 21:50 - 000578560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-12 16:16 - 2019-03-05 21:49 - 004516352 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-12 16:16 - 2019-03-05 21:49 - 000318464 ____N (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-03-12 16:16 - 2019-03-05 21:49 - 000251904 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-03-12 16:16 - 2019-03-05 21:48 - 000669696 ____N (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-12 16:16 - 2019-03-05 21:48 - 000533504 ____N (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-12 16:16 - 2019-02-20 19:26 - 000313344 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 002871304 ____N (Microsoft Corporation) C:\Windows\System32\aitstatic.exe
2019-03-12 16:16 - 2019-02-16 05:02 - 001644040 ____N (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 000808456 ____N (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 000735752 ____N (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 000620040 ____N (Microsoft Corporation) C:\Windows\System32\devinv.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 000460296 ____N (Microsoft Corporation) C:\Windows\System32\invagent.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 000322568 ____N (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2019-03-12 16:16 - 2019-02-16 05:02 - 000147464 ____N (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2019-03-12 16:16 - 2019-02-16 05:02 - 000071176 ____N (Microsoft Corporation) C:\Windows\System32\win32appinventorycsp.dll
2019-03-12 16:16 - 2019-02-16 04:57 - 001048472 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Shell.Broker.dll
2019-03-12 16:16 - 2019-02-16 04:57 - 000506088 ____N (Microsoft Corporation) C:\Windows\System32\systemreset.exe
2019-03-12 16:16 - 2019-02-16 04:56 - 000549520 ____N (Microsoft Corporation) C:\Windows\System32\AppResolver.dll
2019-03-12 16:16 - 2019-02-16 04:56 - 000540984 ____N (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2019-03-12 16:16 - 2019-02-16 04:53 - 001516416 ____N (Microsoft Corporation) C:\Windows\System32\msctf.dll
2019-03-12 16:16 - 2019-02-16 04:36 - 000127488 ____N (Microsoft Corporation) C:\Windows\System32\AppxSysprep.dll
2019-03-12 16:16 - 2019-02-16 04:34 - 004718080 ____N (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll
2019-03-12 16:16 - 2019-02-16 04:34 - 001725952 ____N (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2019-03-12 16:16 - 2019-02-16 04:34 - 000302080 ____N (Microsoft Corporation) C:\Windows\System32\AcLayers.dll
2019-03-12 16:16 - 2019-02-16 04:33 - 001786880 ____N (Microsoft Corporation) C:\Windows\System32\wsp_health.dll
2019-03-12 16:16 - 2019-02-16 04:32 - 003646976 ____N (Microsoft Corporation) C:\Windows\System32\win32kfull.sys
2019-03-12 16:16 - 2019-02-16 04:32 - 002051072 ____N (Microsoft Corporation) C:\Windows\System32\wsp_fs.dll
2019-03-12 16:16 - 2019-02-16 04:31 - 001271808 ____N (Microsoft Corporation) C:\Windows\System32\gpsvc.dll
2019-03-12 16:16 - 2019-02-16 04:31 - 001003520 ____N (Microsoft Corporation) C:\Windows\System32\clusapi.dll
2019-03-12 16:16 - 2019-02-16 04:31 - 000861184 ____N (Microsoft Corporation) C:\Windows\System32\mprddm.dll
2019-03-12 16:16 - 2019-02-16 04:31 - 000615424 ____N (Microsoft Corporation) C:\Windows\System32\resutils.dll
2019-03-12 16:16 - 2019-02-16 04:30 - 002019840 ____N (Microsoft Corporation) C:\Windows\System32\ResetEngine.dll
2019-03-12 16:16 - 2019-02-16 04:30 - 000877568 ____N (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2019-03-12 16:16 - 2019-02-16 04:29 - 000174080 ____N (Microsoft Corporation) C:\Windows\System32\ResetEngOnline.dll
2019-03-12 16:16 - 2019-02-16 04:29 - 000091136 ____N (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2019-03-12 16:16 - 2019-02-16 04:24 - 000444176 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-03-12 16:16 - 2019-02-16 04:22 - 001322176 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-12 16:16 - 2019-02-16 04:08 - 000373760 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll
2019-03-12 16:16 - 2019-02-16 04:07 - 001307648 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-12 16:16 - 2019-02-16 04:07 - 000484352 ____N (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-12 16:16 - 2019-02-16 04:06 - 002890752 ____N (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-12 16:16 - 2019-02-16 04:06 - 001530880 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-12 16:16 - 2019-02-16 04:06 - 001451520 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-12 16:16 - 2019-02-16 04:06 - 000774656 ____N (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-12 16:16 - 2019-02-16 04:06 - 000765952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-12 16:16 - 2019-02-16 04:04 - 000080384 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-12 16:16 - 2019-02-16 02:24 - 023862272 ____N (Microsoft Corporation) C:\Windows\System32\Hydrogen.dll
2019-03-12 16:16 - 2019-02-16 02:22 - 019525120 ____N (Microsoft Corporation) C:\Windows\System32\HologramCompositor.dll
2019-03-12 16:16 - 2019-02-16 00:16 - 000511800 ____N (Microsoft Corporation) C:\Windows\System32\aepic.dll
2019-03-12 16:16 - 2019-02-16 00:15 - 000505656 ____N (Microsoft Corporation) C:\Windows\System32\dcntel.dll
2019-03-12 16:16 - 2019-02-16 00:15 - 000035640 ____N (Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
2019-03-12 16:16 - 2019-02-16 00:05 - 000087800 ____N (Microsoft Corporation) C:\Windows\System32\taskhostw.exe
2019-03-12 16:16 - 2019-02-16 00:04 - 000193032 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2019-03-12 16:16 - 2019-02-16 00:03 - 007901392 ____N (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2019-03-12 16:16 - 2019-02-16 00:03 - 005625360 ____N (Microsoft Corporation) C:\Windows\System32\StartTileData.dll
2019-03-12 16:16 - 2019-02-16 00:03 - 000510288 ____N (Microsoft Corporation) C:\Windows\System32\policymanager.dll
2019-03-12 16:16 - 2019-02-16 00:02 - 005821440 ____N (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-12 16:16 - 2019-02-16 00:02 - 003291632 ____N (Microsoft Corporation) C:\Windows\System32\combase.dll
2019-03-12 16:16 - 2019-02-16 00:02 - 001934800 ____N (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2019-03-12 16:16 - 2019-02-16 00:02 - 001792712 ____N (Microsoft Corporation) C:\Windows\System32\propsys.dll
2019-03-12 16:16 - 2019-02-16 00:02 - 000705848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2019-03-12 16:16 - 2019-02-16 00:02 - 000432952 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2019-03-12 16:16 - 2019-02-16 00:02 - 000413712 ____N (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 001285424 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2019-03-12 16:16 - 2019-02-16 00:01 - 001209696 ____N (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 001098056 ____N (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 001028920 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2019-03-12 16:16 - 2019-02-16 00:01 - 001014344 ____N (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 000735464 ____N (Microsoft Corporation) C:\Windows\System32\AppXDeploymentClient.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 000641984 ____N (Microsoft Corporation) C:\Windows\System32\msvcp_win.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 000594024 ____N (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2019-03-12 16:16 - 2019-02-16 00:01 - 000527160 ____N (Microsoft Corporation) C:\Windows\System32\hal.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 000480840 ____N (Microsoft Corporation) C:\Windows\System32\ucrtbase_enclave.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 000335672 ____N (Microsoft Corporation) C:\Windows\System32\moshostcore.dll
2019-03-12 16:16 - 2019-02-16 00:01 - 000161664 ____N (Microsoft Corporation) C:\Windows\System32\RTWorkQ.dll
2019-03-12 16:16 - 2019-02-15 23:57 - 000383288 ____N (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-12 16:16 - 2019-02-15 23:53 - 000443632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-03-12 16:16 - 2019-02-15 23:51 - 002479168 ____N (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-03-12 16:16 - 2019-02-15 23:51 - 001584536 ____N (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-12 16:16 - 2019-02-15 23:51 - 000170952 ____N (Microsoft Corporation) C:\Windows\SysWOW64\RTWorkQ.dll
2019-03-12 16:16 - 2019-02-15 23:50 - 001805648 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-12 16:16 - 2019-02-15 23:50 - 001171336 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-12 16:16 - 2019-02-15 23:50 - 001130568 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2019-03-12 16:16 - 2019-02-15 23:50 - 001011872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-12 16:16 - 2019-02-15 23:50 - 000560384 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-12 16:16 - 2019-02-15 23:50 - 000504072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2019-03-12 16:16 - 2019-02-15 23:37 - 009084928 ____N (Microsoft Corporation) C:\Windows\System32\BingMaps.dll
2019-03-12 16:16 - 2019-02-15 23:36 - 007057408 ____N (Microsoft Corporation) C:\Windows\System32\mos.dll
2019-03-12 16:16 - 2019-02-15 23:36 - 000144384 ____N (Microsoft Corporation) C:\Windows\System32\fcon.dll
2019-03-12 16:16 - 2019-02-15 23:35 - 008188928 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2019-03-12 16:16 - 2019-02-15 23:35 - 006661632 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-12 16:16 - 2019-02-15 23:34 - 005883904 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2019-03-12 16:16 - 2019-02-15 23:34 - 000095232 ____N (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-12 16:16 - 2019-02-15 23:34 - 000002560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-12 16:16 - 2019-02-15 23:33 - 006646784 ____N (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-12 16:16 - 2019-02-15 23:33 - 004708864 ____N (Microsoft Corporation) C:\Windows\System32\cdp.dll
2019-03-12 16:16 - 2019-02-15 23:33 - 000119808 ____N (Microsoft Corporation) C:\Windows\System32\UserDataTimeUtil.dll
2019-03-12 16:16 - 2019-02-15 23:33 - 000054272 ____N (Microsoft Corporation) C:\Windows\System32\CredentialMigrationHandler.dll
2019-03-12 16:16 - 2019-02-15 23:33 - 000043520 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-12 16:16 - 2019-02-15 23:33 - 000002560 ____N (Microsoft Corporation) C:\Windows\System32\tzres.dll
2019-03-12 16:16 - 2019-02-15 23:32 - 002969088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-12 16:16 - 2019-02-15 23:32 - 000173568 ____N (Microsoft Corporation) C:\Windows\System32\EnterpriseModernAppMgmtCSP.dll
2019-03-12 16:16 - 2019-02-15 23:31 - 002825728 ____N (Microsoft Corporation) C:\Windows\System32\MapGeocoder.dll
2019-03-12 16:16 - 2019-02-15 23:31 - 000392704 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-12 16:16 - 2019-02-15 23:31 - 000141312 ____N (Microsoft Corporation) C:\Windows\System32\AppointmentActivation.dll
2019-03-12 16:16 - 2019-02-15 23:31 - 000126976 ____N (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 002449408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 001986560 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 001124352 ____N (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 000530432 ____N (Microsoft Corporation) C:\Windows\System32\MapConfiguration.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 000357888 ____N (Microsoft Corporation) C:\Windows\System32\AppLockerCSP.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 000254464 ____N (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
2019-03-12 16:16 - 2019-02-15 23:30 - 000145920 ____N (Microsoft Corporation) C:\Windows\System32\srpapi.dll
2019-03-12 16:16 - 2019-02-15 23:29 - 001768448 ____N (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2019-03-12 16:16 - 2019-02-15 23:29 - 000304128 ____N (Microsoft Corporation) C:\Windows\System32\domgmt.dll
2019-03-12 16:16 - 2019-02-15 23:28 - 003381248 ____N (Microsoft Corporation) C:\Windows\System32\MapRouter.dll
2019-03-12 16:16 - 2019-02-15 23:28 - 002585600 ____N (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2019-03-12 16:16 - 2019-02-15 23:28 - 001668096 ____N (Microsoft Corporation) C:\Windows\System32\cdprt.dll
2019-03-12 16:16 - 2019-02-15 23:28 - 000713216 ____N (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-12 16:16 - 2019-02-15 23:28 - 000705024 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2019-03-12 16:16 - 2019-02-15 23:28 - 000528384 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2019-03-12 16:16 - 2019-02-15 23:27 - 001364992 ____N (Microsoft Corporation) C:\Windows\System32\lpasvc.dll
2019-03-12 16:16 - 2019-02-15 23:27 - 000729088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2019-03-12 16:16 - 2019-02-15 23:27 - 000686592 ____N (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2019-03-12 16:16 - 2019-02-15 23:26 - 001459712 ____N (Microsoft Corporation) C:\Windows\System32\dosvc.dll
2019-03-12 16:16 - 2019-02-15 23:26 - 001225216 ____N (Microsoft Corporation) C:\Windows\System32\MapsStore.dll
2019-03-12 16:16 - 2019-02-15 23:26 - 000943616 ____N (Microsoft Corporation) C:\Windows\System32\BingOnlineServices.dll
2019-03-12 16:16 - 2019-02-15 23:26 - 000935424 ____N (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2019-03-12 16:16 - 2019-02-15 23:26 - 000401920 ____N (Microsoft Corporation) C:\Windows\System32\rascustom.dll
2019-03-12 16:16 - 2019-02-15 23:25 - 000884224 ____N (Microsoft Corporation) C:\Windows\System32\NMAA.dll
2019-03-12 16:16 - 2019-02-15 23:25 - 000652800 ____N (Microsoft Corporation) C:\Windows\System32\ActivationManager.dll
2019-02-16 00:53 - 2019-02-05 23:54 - 004527584 ____N (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2019-02-16 00:53 - 2019-01-09 09:35 - 002919936 ____N (Microsoft Corporation) C:\Windows\System32\Windows.UI.Logon.dll
2019-02-16 00:53 - 2019-01-08 21:43 - 006043496 ____N (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-02-16 00:53 - 2019-01-08 21:43 - 004789944 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-02-16 00:53 - 2019-01-08 21:39 - 007436016 ____N (Microsoft Corporation) C:\Windows\System32\windows.storage.dll
2019-02-16 00:53 - 2019-01-08 21:33 - 016597504 ____N (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2019-02-16 00:53 - 2019-01-08 21:32 - 013878272 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-02-16 00:52 - 2019-02-05 23:53 - 001634704 ____N (Microsoft Corporation) C:\Windows\System32\gdi32full.dll
2019-02-16 00:52 - 2019-02-05 23:11 - 001454648 ____N (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-02-16 00:52 - 2019-02-05 19:01 - 000720480 ____N (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-16 00:52 - 2019-02-05 19:01 - 000033576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-02-16 00:52 - 2019-02-05 19:00 - 000899728 ____N (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2019-02-16 00:52 - 2019-02-05 19:00 - 000466960 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2019-02-16 00:52 - 2019-02-05 19:00 - 000043536 ____N (Microsoft Corporation) C:\Windows\System32\browser_broker.exe
2019-02-16 00:52 - 2019-02-05 19:00 - 000038792 ____N (Microsoft Corporation) C:\Windows\System32\NtlmShared.dll
2019-02-16 00:52 - 2019-02-05 18:59 - 000144288 ____N (Microsoft Corporation) C:\Windows\System32\smss.exe
2019-02-16 00:52 - 2019-02-05 18:40 - 000021504 ____N (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-02-16 00:52 - 2019-02-05 18:28 - 000039936 ____N (Microsoft Corporation) C:\Windows\System32\npmproxy.dll
2019-02-16 00:52 - 2019-02-05 18:26 - 000174592 ____N (Microsoft Corporation) C:\Windows\System32\wuuhosdeployment.dll
2019-02-16 00:52 - 2019-02-05 18:25 - 000507392 ____N (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2019-02-16 00:52 - 2019-02-05 18:24 - 000466432 ____N (Microsoft Corporation) C:\Windows\System32\wuuhext.dll
2019-02-16 00:52 - 2019-02-05 18:23 - 000393216 ____N (Microsoft Corporation) C:\Windows\System32\WpAXHolder.dll
2019-02-16 00:52 - 2019-02-05 18:22 - 000960512 ____N (Microsoft Corporation) C:\Windows\System32\StorSvc.dll
2019-02-16 00:52 - 2019-02-05 18:22 - 000885760 ____N (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2019-02-16 00:52 - 2019-01-11 18:28 - 000352768 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-16 00:52 - 2019-01-09 09:40 - 000171520 ____N (Microsoft Corporation) C:\Windows\System32\itss.dll
2019-02-16 00:52 - 2019-01-09 09:36 - 001054720 ____N (Microsoft Corporation) C:\Windows\HelpPane.exe
2019-02-16 00:52 - 2019-01-09 01:55 - 000150016 ____N (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-16 00:52 - 2019-01-08 21:59 - 000611848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2019-02-16 00:52 - 2019-01-08 21:44 - 000078688 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 001981280 ____N (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 001620264 ____N (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 000607376 ____N (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 000581592 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSVideoDSP.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 000287640 ____N (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 000129088 ____N (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 000127744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-02-16 00:52 - 2019-01-08 21:43 - 000071456 ____N (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2019-02-16 00:52 - 2019-01-08 21:42 - 000092704 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\bindflt.sys
2019-02-16 00:52 - 2019-01-08 21:40 - 001063224 ____N (Microsoft Corporation) C:\Windows\System32\SecConfig.efi
2019-02-16 00:52 - 2019-01-08 21:40 - 000226104 ____N (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2019-02-16 00:52 - 2019-01-08 21:40 - 000090872 ____N (Microsoft Corporation) C:\Windows\System32\wldp.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 004404720 ____N (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 002571632 ____N (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 001943128 ____N (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000789696 ____N (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000713264 ____N (Microsoft Corporation) C:\Windows\System32\MSVideoDSP.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000349656 ____N (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000269624 ____N (Microsoft Corporation) C:\Windows\System32\browserbroker.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000260800 ____N (Microsoft Corporation) C:\Windows\System32\mfps.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000175416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spacedump.sys
2019-02-16 00:52 - 2019-01-08 21:39 - 000164192 ____N (Microsoft Corporation) C:\Windows\System32\rmclient.dll
2019-02-16 00:52 - 2019-01-08 21:39 - 000085472 ____N (Microsoft Corporation) C:\Windows\System32\svchost.exe
2019-02-16 00:52 - 2019-01-08 21:29 - 002500096 ____N (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
2019-02-16 00:52 - 2019-01-08 21:27 - 001587712 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2019-02-16 00:52 - 2019-01-08 21:25 - 000161792 ____N (Microsoft Corporation) C:\Windows\System32\spacebridge.dll
2019-02-16 00:52 - 2019-01-08 21:24 - 000174080 ____N (Microsoft Corporation) C:\Windows\System32\SettingsHandlers_CapabilityAccess.dll
2019-02-16 00:52 - 2019-01-08 21:24 - 000157184 ____N (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-02-16 00:52 - 2019-01-08 21:23 - 001708544 ____N (Microsoft Corporation) C:\Windows\System32\MSPhotography.dll
2019-02-16 00:52 - 2019-01-08 21:23 - 001361408 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll
2019-02-16 00:52 - 2019-01-08 21:23 - 001189888 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-02-16 00:52 - 2019-01-08 21:23 - 000898560 ____N (Microsoft Corporation) C:\Windows\System32\MusUpdateHandlers.dll
2019-02-16 00:52 - 2019-01-08 21:23 - 000100864 ____N (Microsoft Corporation) C:\Windows\System32\CapabilityAccessManagerClient.dll
2019-02-16 00:52 - 2019-01-08 21:23 - 000067072 ____N (Microsoft Corporation) C:\Windows\SysWOW64\CapabilityAccessManagerClient.dll
2019-02-16 00:52 - 2019-01-08 21:22 - 001395200 ____N (Microsoft Corporation) C:\Windows\System32\TokenBroker.dll
2019-02-16 00:52 - 2019-01-08 21:22 - 000624640 ____N (Microsoft Corporation) C:\Windows\System32\PsmServiceExtHost.dll
2019-02-16 00:52 - 2019-01-08 21:22 - 000392704 ____N (Microsoft Corporation) C:\Windows\System32\WaaSMedicSvc.dll
2019-02-16 00:52 - 2019-01-08 21:22 - 000266752 ____N (Microsoft Corporation) C:\Windows\System32\CapabilityAccessManager.dll
2019-02-16 00:52 - 2019-01-08 21:22 - 000138752 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 00:52 - 2019-01-08 21:21 - 000197632 ____N (Microsoft Corporation) C:\Windows\System32\smartscreenps.dll
2019-02-16 00:52 - 2019-01-08 21:21 - 000106496 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-16 00:52 - 2019-01-08 21:20 - 001000448 ____N (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-02-16 00:52 - 2019-01-08 21:20 - 000916480 ____N (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
2019-02-16 00:52 - 2019-01-08 21:20 - 000607232 ____N (Microsoft Corporation) C:\Windows\System32\updatehandlers.dll
2019-02-16 00:52 - 2019-01-08 21:20 - 000135680 ____N (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-02-16 00:52 - 2019-01-08 21:19 - 000678400 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-16 00:52 - 2019-01-08 21:19 - 000316928 ____N (Microsoft Corporation) C:\Windows\System32\GlobCollationHost.dll
2019-02-16 00:52 - 2019-01-08 21:18 - 000195584 ____N (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2019-02-16 00:52 - 2019-01-07 19:06 - 001311744 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-16 00:52 - 2019-01-07 19:06 - 000000072 ____N C:\Windows\System32\edgehtmlpluginpolicy.bin
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-03-16 21:11 - 2017-09-29 05:46 - 000000000 ____D C:\Windows\System32\Tasks_Migrated
2019-03-16 21:07 - 2018-05-24 03:48 - 000000000 ____D C:\ProgramData\Intel Security
2019-03-16 21:07 - 2018-05-24 03:47 - 000000000 ____D C:\ProgramData\McAfee
2019-03-16 21:07 - 2018-05-24 03:47 - 000000000 ____D C:\ProgramData\Dell
2019-03-16 21:07 - 2018-05-24 03:47 - 000000000 ____D C:\Program Files\mcafee.com
2019-03-16 21:07 - 2018-05-24 03:47 - 000000000 ____D C:\Program Files\mcafee
2019-03-16 21:07 - 2018-05-24 03:47 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-03-16 21:07 - 2018-05-24 03:43 - 000000000 ____D C:\Program Files (x86)\Dell Update
2019-03-16 21:07 - 2018-05-24 03:43 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2019-03-16 21:07 - 2018-05-24 03:41 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-16 21:07 - 2018-05-24 03:40 - 000000000 ____D C:\Program Files\Killer Networking
2019-03-16 21:07 - 2018-05-24 03:36 - 000000000 ____D C:\Windows\System32\RTCOM
2019-03-16 21:07 - 2018-05-24 03:36 - 000000000 ____D C:\Windows\System32\ihvmanager
2019-03-16 21:07 - 2018-05-24 03:36 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-03-16 21:07 - 2018-05-24 03:36 - 000000000 ____D C:\Program Files (x86)\Qualcomm
2019-03-16 21:07 - 2018-05-24 03:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-03-16 21:07 - 2018-05-24 03:35 - 000000000 ____D C:\ProgramData\SupportAssist
2019-03-16 21:07 - 2018-05-24 03:35 - 000000000 ____D C:\Program Files\Waves
2019-03-16 21:07 - 2018-05-24 03:35 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-03-16 21:07 - 2018-05-24 03:34 - 000000000 ____D C:\ProgramData\PCDr
2019-03-16 21:07 - 2018-05-24 03:34 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2019-03-16 21:07 - 2018-05-24 03:17 - 000000000 ____D C:\Program Files (x86)\Intel
2019-03-16 21:06 - 2018-05-24 04:14 - 000000000 ____D C:\backup
2019-03-16 21:06 - 2018-05-24 03:47 - 000000000 ____D C:\Program Files\Common Files\mcafee
2019-03-16 21:06 - 2018-05-24 03:47 - 000000000 ____D C:\Program Files\Common Files\intel security
2019-03-16 21:06 - 2018-05-24 03:47 - 000000000 ____D C:\Program Files\Common Files\av
2019-03-16 21:06 - 2018-05-24 03:34 - 000000000 ____D C:\Program Files\Dell Support Center
2019-03-16 21:06 - 2018-05-24 03:34 - 000000000 ____D C:\Program Files\Dell
2019-03-16 21:06 - 2017-10-06 10:11 - 000000000 ____D C:\Dell
 
==================== KnownDLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe
[2019-02-16 00:52] - [2019-01-08 21:39] - 000085472 ____N (Microsoft Corporation) 0861726716C9610CE5F6BCF3F4858DA1
 
C:\Windows\SysWOW64\svchost.exe
[2019-02-16 00:52] - [2019-01-08 21:43] - 000071456 ____N (Microsoft Corporation) C01CB20D971C3262F1F856B4539DD27C
 
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2019-01-09 15:25] - [2018-12-31 22:41] - 001159680 ____N (Microsoft Corporation) 2383579559B1EB66C4FA2297119CEDD0
 
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 15%
Total physical RAM: 7999.7 MB
Available physical RAM: 6776.57 MB
Total Virtual: 7999.7 MB
Available Virtual: 6837.59 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:917.65 GB) (Free:888.18 GB) NTFS
Drive f: (WINRETOOLS) (Fixed) (Total:0.45 GB) (Free:0.08 GB) NTFS
Drive g: () (Removable) (Total:14.9 GB) (Free:14.89 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS
 
\\?\Volume{3fbc2897-619c-43bf-9d7a-3b26a5038010}\ (Image) (Fixed) (Total:11.58 GB) (Free:0.21 GB) NTFS
\\?\Volume{f15a707a-98aa-4052-b7da-45a6b4f021d0}\ (DELLSUPPORT) (Fixed) (Total:1.06 GB) (Free:0.45 GB) NTFS
\\?\Volume{62e39a1c-11c3-4ee7-bcca-f360f21cd4cc}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.57 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E7ACB5C9)
 
Partition: GPT.
 
========================================================
Disk: 2 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
LastRegBack: 2019-03-16 20:50
 
==================== End of FRST.txt ============================

  • 0

#10
iMacg3
Posted 18 March 2019 - 10:19 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

What happens when you try to boot the computer normally?
  • 0

Advertisements

#11
Down_with_malware
Posted 18 March 2019 - 11:17 PM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts

Hi,

 

I did a hard reboot and this is what happens:

 

Dell logo pops up, then a black screen with the text ">>Checking media presence...." then a complete black screen with the loading dots for a little bit,

 

Then it goes back to the dell logo, loads again and then you are given a list with the title: "Lets get a few basic things out of the way." where you have to select your region, preferred app, time zone ect.

 

and that is how it boots every time without fail.


  • 0

#12
iMacg3
Posted 19 March 2019 - 07:44 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

When you boot to the Recovery Environment, are there any options labeled System Restore? If so, are there any restore points set before the issue occurred?
  • 0

#13
Down_with_malware
Posted 19 March 2019 - 08:14 AM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts

Hi,

When you boot to the Recovery Environment, are there any options labeled System Restore? If so, are there any restore points set before the issue occurred?

 

Now that I think about it, yes there should be a system restore point that I created about four days ago. One of the kids tried to uninstall a game that had no uninstall on it, so I did a force uninstall with Revo Uninstaller and it created a restore point. Want me to go ahead and try that?


Edited by Down_with_malware, 19 March 2019 - 08:17 AM.

  • 0

#14
iMacg3
Posted 19 March 2019 - 09:04 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Yes, try the restore point and let me know how it goes.
  • 0

#15
Down_with_malware
Posted 19 March 2019 - 09:42 AM

Down_with_malware

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 173 posts

Yes, try the restore point and let me know how it goes.

 

Bad news, it is not listed and the only restore point listed was from yesterday and the restore point is called "windows module installer" with the type being "installer".


Edited by Down_with_malware, 19 March 2019 - 09:43 AM.

  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP