Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 
This topic is locked
Hi
I am back again! I was here in June and Juliet helped me. This time there's something with firefox being too slow but still works. Plus bigger issue is my mouse acting up- its moving too slowly, freezes sometimes but the mouse control (in the middle of the keyboard works fine).Sometimes the mouse fails to respond and sometimes it works perfectly fine.
Oh and yeah the computer is unusally slow the past few days.
These are my logs:
aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2018-08-29 19:52:52
-----------------------------
19:52:52.703 OS Version: Windows x64 6.1.7601 Service Pack 1
19:52:52.703 Number of processors: 4 586 0x2505
19:52:52.703 ComputerName: USER-PC UserName: User
19:52:53.413 Initialize success
19:52:53.483 VM: initialized successfully
19:52:53.483 VM: Intel CPU supported
19:53:29.693 VM: disk I/O iaStorV.sys
19:58:14.383 AVAST engine defs: 17030301
20:01:41.924 The log file has been saved successfully to "C:\Users\User\Desktop\aswMBR.txt"
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by User (administrator) on USER-PC (29-08-2018 21:02:09)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Users\User\Desktop\aswMBR.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-07-17] (Intel® Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [392048 2010-06-04] (Alps Electric Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1482575595-4210038101-985159737-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49762136 2018-08-08] (Skype Technologies S.A.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2018-08-07]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 108.166.149.2 108.166.149.3
Tcpip\..\Interfaces\{C763C0A7-6092-4AC1-B01F-2CAF0E1703AD}: [DhcpNameServer] 108.166.149.2 108.166.149.3
Internet Explorer:
==================
HKU\S-1-5-21-1482575595-4210038101-985159737-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-08-05] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-08-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 1rvq0t1a.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rvq0t1a.default [2018-08-29]
FF Extension: (Xmarks Bookmark Sync) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\1rvq0t1a.default\Extensions\foxmarks@kei.com.xpi [2017-12-11]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-08-05] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-06-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1482575595-4210038101-985159737-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-06-29] (Zoom Video Communications, Inc.)
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://behkikojenlolaeojfhpgbcejengenag/newtabproduct.html"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2018-08-16]
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-12]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-12]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-12]
CHR Extension: (ShoppingDealsLive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\behkikojenlolaeojfhpgbcejengenag [2018-08-10]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-12]
CHR Extension: (CraniumChallenges) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflcpllegffclgmlhocgkejpninimnbe [2018-08-10]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-06-23]
CHR Extension: (PureLeisureFun) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehckgbmphdffipidepjgmpbldojomemm [2018-08-14]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-12]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-16]
CHR Extension: (PlayTo for Chromecast™) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jngkenaoceimiimeokpdbmejeonaaami [2018-06-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-12]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-07-17] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3377904 2013-07-17] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-29] (Malwarebytes)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
U3 aswMBR; \??\C:\Users\User\AppData\Local\Temp\aswMBR.sys [X] <==== ATTENTION
U3 aswVmm; \??\C:\Users\User\AppData\Local\Temp\aswVmm.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-29 21:02 - 2018-08-29 21:03 - 000011462 _____ C:\Users\User\Desktop\FRST.txt
2018-08-29 21:01 - 2018-08-29 21:02 - 000000000 ____D C:\FRST
2018-08-29 21:00 - 2018-08-29 21:00 - 002413056 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2018-08-29 20:01 - 2018-08-29 20:01 - 000000604 _____ C:\Users\User\Desktop\aswMBR.txt
2018-08-29 19:52 - 2018-08-29 19:52 - 005198336 _____ (AVAST Software) C:\Users\User\Desktop\aswMBR.exe
2018-08-19 15:53 - 2018-08-19 15:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-19 15:53 - 2018-08-19 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-08-16 12:38 - 2018-08-16 12:38 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2018-08-16 12:38 - 2018-08-16 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-08-16 12:37 - 2018-08-16 12:37 - 062091672 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\Skype-8.28.0.41.exe
2018-08-16 12:33 - 2018-08-16 12:33 - 000002982 _____ C:\Windows\System32\Tasks\{D911ACF0-EF32-4C0B-8EC8-0C0E53D5A84C}
2018-08-16 12:33 - 2018-08-16 12:33 - 000002982 _____ C:\Windows\System32\Tasks\{37C19B4D-10DE-45EC-B250-3690871712BF}
2018-08-14 21:18 - 2018-08-14 21:18 - 000000000 ___RD C:\Users\User\ODBA
2018-08-14 15:16 - 2018-08-14 15:16 - 000002366 _____ C:\Users\User\Desktop\Publisher.lnk
2018-08-14 15:16 - 2018-08-14 15:16 - 000002276 _____ C:\Users\User\Desktop\WiFi Connection Utility (4).lnk
2018-08-14 15:12 - 2018-08-14 15:12 - 000002276 _____ C:\Users\User\Desktop\WiFi Connection Utility (3).lnk
2018-08-14 15:12 - 2018-08-14 15:12 - 000002276 _____ C:\Users\User\Desktop\WiFi Connection Utility (2).lnk
2018-08-14 15:12 - 2018-08-14 15:12 - 000001258 _____ C:\Users\User\Desktop\Magnify.lnk
2018-08-14 15:11 - 2018-08-14 15:11 - 000002457 _____ C:\Users\User\Desktop\OneDrive for Business.lnk
2018-08-14 15:05 - 2018-08-14 15:05 - 000002276 _____ C:\Users\User\Desktop\WiFi Connection Utility.lnk
2018-08-14 15:05 - 2018-08-14 15:05 - 000001345 _____ C:\Users\User\Desktop\Media Center.lnk
2018-08-14 15:04 - 2018-08-14 15:04 - 000001304 _____ C:\Users\User\Desktop\Notepad.lnk
2018-08-14 15:03 - 2018-08-14 15:03 - 000001266 _____ C:\Users\User\Desktop\displayswitch.lnk
2018-08-14 13:08 - 2018-08-01 22:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-14 13:08 - 2018-08-01 21:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-14 13:08 - 2018-08-01 21:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-14 13:08 - 2018-08-01 21:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-14 13:08 - 2018-08-01 21:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-14 13:08 - 2018-08-01 21:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-14 13:08 - 2018-08-01 21:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-14 13:08 - 2018-07-19 01:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-14 13:08 - 2018-07-18 23:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-14 13:08 - 2018-07-18 23:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-14 13:08 - 2018-07-18 23:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-14 13:08 - 2018-07-18 23:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-14 13:08 - 2018-07-18 23:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-14 13:08 - 2018-07-18 23:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-14 13:08 - 2018-07-18 23:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-14 13:08 - 2018-07-18 23:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-14 13:08 - 2018-07-18 22:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-14 13:08 - 2018-07-18 22:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-14 13:08 - 2018-07-18 22:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-14 13:08 - 2018-07-18 22:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-14 13:08 - 2018-07-18 22:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-14 13:08 - 2018-07-18 22:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-14 13:08 - 2018-07-18 22:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-14 13:08 - 2018-07-18 22:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-14 13:08 - 2018-07-18 22:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-14 13:08 - 2018-07-13 14:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-14 13:08 - 2018-07-07 10:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-14 13:08 - 2018-07-06 11:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-14 13:08 - 2018-07-06 10:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-14 13:08 - 2018-06-29 10:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-14 13:08 - 2018-06-29 10:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-14 13:08 - 2018-06-29 10:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-14 13:08 - 2018-06-29 10:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-14 13:08 - 2018-06-29 10:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-14 13:08 - 2018-06-27 10:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-14 13:08 - 2018-06-27 10:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-14 13:07 - 2018-08-03 10:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-14 13:07 - 2018-08-03 10:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-14 13:07 - 2018-08-01 22:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-14 13:07 - 2018-08-01 22:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-14 13:07 - 2018-08-01 22:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-14 13:07 - 2018-08-01 22:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-14 13:07 - 2018-08-01 22:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-14 13:07 - 2018-08-01 22:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-14 13:07 - 2018-08-01 21:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-14 13:07 - 2018-08-01 21:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-14 13:07 - 2018-08-01 21:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-14 13:07 - 2018-08-01 21:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-14 13:07 - 2018-08-01 21:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-14 13:07 - 2018-08-01 21:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-14 13:07 - 2018-08-01 21:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-14 13:07 - 2018-08-01 21:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-14 13:07 - 2018-08-01 21:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-14 13:07 - 2018-08-01 21:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-14 13:07 - 2018-08-01 21:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-14 13:07 - 2018-08-01 21:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-14 13:07 - 2018-08-01 21:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-14 13:07 - 2018-08-01 21:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-14 13:07 - 2018-08-01 21:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-14 13:07 - 2018-08-01 21:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-14 13:07 - 2018-08-01 21:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-14 13:07 - 2018-08-01 21:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-14 13:07 - 2018-08-01 21:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-14 13:07 - 2018-08-01 21:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-14 13:07 - 2018-08-01 21:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-14 13:07 - 2018-08-01 21:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-14 13:07 - 2018-08-01 21:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-14 13:07 - 2018-08-01 21:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-14 13:07 - 2018-08-01 21:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-14 13:07 - 2018-08-01 21:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-14 13:07 - 2018-08-01 21:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-14 13:07 - 2018-08-01 21:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-14 13:07 - 2018-08-01 21:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-14 13:07 - 2018-07-19 18:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-14 13:07 - 2018-07-19 17:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-14 13:07 - 2018-07-18 23:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-14 13:07 - 2018-07-18 23:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-14 13:07 - 2018-07-18 23:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-14 13:07 - 2018-07-18 23:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-14 13:07 - 2018-07-18 23:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-14 13:07 - 2018-07-18 23:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-14 13:07 - 2018-07-18 23:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-14 13:07 - 2018-07-18 23:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-14 13:07 - 2018-07-18 23:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-14 13:07 - 2018-07-18 23:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-14 13:07 - 2018-07-18 23:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-14 13:07 - 2018-07-18 23:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-14 13:07 - 2018-07-18 23:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-14 13:07 - 2018-07-18 23:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-14 13:07 - 2018-07-18 23:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-14 13:07 - 2018-07-18 23:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-14 13:07 - 2018-07-18 23:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-14 13:07 - 2018-07-18 23:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-14 13:07 - 2018-07-18 23:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-14 13:07 - 2018-07-18 23:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-14 13:07 - 2018-07-18 23:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-14 13:07 - 2018-07-18 23:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-14 13:07 - 2018-07-18 23:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-14 13:07 - 2018-07-18 22:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-14 13:07 - 2018-07-18 22:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-14 13:07 - 2018-07-18 22:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-14 13:07 - 2018-07-18 22:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-14 13:07 - 2018-07-18 22:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-14 13:07 - 2018-07-18 22:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-14 13:07 - 2018-07-18 22:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-14 13:07 - 2018-07-18 22:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-14 13:07 - 2018-07-18 22:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-14 13:07 - 2018-07-18 22:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-14 13:07 - 2018-07-18 22:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-14 13:07 - 2018-07-18 22:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-14 13:07 - 2018-07-18 22:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-14 13:07 - 2018-07-18 22:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-14 13:07 - 2018-07-18 22:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-14 13:07 - 2018-07-18 22:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-14 13:07 - 2018-07-18 22:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-14 13:07 - 2018-07-18 22:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-14 13:07 - 2018-07-18 22:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-14 13:07 - 2018-07-18 22:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-14 13:07 - 2018-07-18 22:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-14 13:07 - 2018-07-18 22:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-14 13:07 - 2018-07-18 22:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-14 13:07 - 2018-07-18 22:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-14 13:07 - 2018-07-18 22:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-14 13:07 - 2018-07-13 14:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-14 13:07 - 2018-07-13 14:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-14 13:07 - 2018-07-08 11:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-14 13:07 - 2018-07-08 11:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-14 13:07 - 2018-07-08 11:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-14 13:07 - 2018-07-08 11:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-14 13:07 - 2018-07-08 11:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-14 13:07 - 2018-07-08 11:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-14 13:07 - 2018-07-08 10:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-14 13:07 - 2018-07-08 10:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-14 13:07 - 2018-07-08 10:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-14 13:07 - 2018-07-08 10:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-14 13:07 - 2018-07-08 10:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-14 13:07 - 2018-07-08 10:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-14 13:07 - 2018-07-06 11:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-14 13:07 - 2018-07-06 11:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-14 13:07 - 2018-07-06 10:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-14 13:07 - 2018-06-29 10:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-14 13:07 - 2018-06-29 10:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-14 13:07 - 2018-06-27 11:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-14 13:07 - 2018-06-27 10:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-14 13:07 - 2018-06-27 10:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-14 13:07 - 2018-06-27 10:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-14 13:07 - 2018-06-27 10:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-14 13:07 - 2018-06-27 10:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-14 13:07 - 2018-06-27 10:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-14 13:07 - 2018-06-27 10:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-14 13:07 - 2018-06-27 10:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-14 13:07 - 2018-06-27 10:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-14 13:07 - 2018-06-27 10:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-14 13:07 - 2018-06-27 10:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-14 13:07 - 2018-06-20 22:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-14 13:07 - 2018-06-20 22:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-14 12:43 - 2018-08-14 12:43 - 000001230 _____ C:\Users\User\Desktop\Calculator.lnk
2018-08-10 21:17 - 2018-08-10 21:27 - 000271048 _____ C:\Windows\ntbtlog.txt
2018-08-05 19:31 - 2018-08-05 19:31 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2018-08-05 19:23 - 2018-08-05 19:24 - 004751640 _____ (Microsoft Corporation) C:\Users\User\Downloads\Setup.X86.en-US_ProPlusRetail_0a377cb3-04ea-4bc1-b479-5fb3ef798d83_TX_PR_.exe
2018-08-05 19:00 - 2018-08-05 19:00 - 000000038 _____ C:\Users\User\Desktop\Excel notes.txt
2018-08-04 16:56 - 2018-08-04 16:57 - 005282841 _____ C:\Users\User\Desktop\excel-2013-fundamentals.zip
2018-07-31 21:20 - 2018-07-31 21:21 - 003161042 _____ C:\Users\User\Downloads\Webinar-Screening-101 (1).pdf
2018-07-31 20:38 - 2018-07-31 20:38 - 003161042 _____ C:\Users\User\Downloads\Cozy_Rental_Screening-101_Webinar.pdf
2018-07-29 22:30 - 2018-08-29 19:29 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-14 23:11 - 2018-07-14 23:11 - 000013906 _____ C:\Users\User\Desktop\Exploring User Requirements with Use Cases.htm
2018-07-14 23:11 - 2018-07-14 23:11 - 000000000 ____D C:\Users\User\Desktop\Exploring User Requirements with Use Cases_files
2018-07-14 23:09 - 2018-07-14 23:09 - 000580990 _____ C:\Users\User\Desktop\Requirements_sample.pdf
2018-07-10 14:44 - 2018-06-13 11:23 - 000140992 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-10 14:44 - 2018-06-13 11:18 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-10 14:44 - 2018-06-08 08:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-10 14:44 - 2018-06-08 08:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-10 14:43 - 2018-06-13 11:20 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-10 14:43 - 2018-06-13 11:19 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-10 14:43 - 2018-06-13 10:55 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-10 14:43 - 2018-06-13 10:54 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-10 14:43 - 2018-06-08 11:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-10 14:43 - 2018-06-08 11:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-07-10 14:43 - 2018-06-08 11:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-07-10 14:43 - 2018-06-08 11:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-07-10 14:43 - 2018-06-08 11:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-10 14:43 - 2018-06-08 11:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-10 14:43 - 2018-06-08 11:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-07-10 14:43 - 2018-06-08 10:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-07-10 14:43 - 2018-06-08 10:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-10 14:43 - 2018-06-08 10:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-07-10 14:43 - 2018-06-08 10:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-10 14:43 - 2018-06-08 10:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-07-10 14:43 - 2018-06-08 10:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-07-10 14:43 - 2018-06-08 10:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-07-10 14:43 - 2018-06-07 11:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-07-10 14:43 - 2018-06-07 11:19 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-07-10 14:43 - 2018-06-07 11:19 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-07-10 14:43 - 2018-06-07 11:19 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-07-10 14:43 - 2018-06-07 10:57 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-07-10 14:43 - 2018-06-07 10:49 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-10 14:43 - 2018-06-07 10:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-07-10 14:43 - 2018-05-02 10:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-07-10 14:43 - 2018-05-02 10:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-10 14:43 - 2018-05-02 10:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-07-10 14:43 - 2018-05-02 10:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-07-10 14:43 - 2018-05-02 10:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-07-10 14:43 - 2018-05-02 10:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-07-10 14:43 - 2018-05-02 10:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-07-10 14:43 - 2018-04-26 08:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-10 14:43 - 2018-04-26 08:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-10 14:43 - 2018-04-25 11:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-07-10 14:43 - 2018-04-25 10:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-07-09 20:19 - 2018-07-09 20:20 - 000380386 _____ C:\Users\User\Downloads\Deal Analyzer for Rentals.xlsx
2018-07-08 10:56 - 2018-07-08 10:56 - 000104376 _____ C:\Users\User\Downloads\Buy and Hold Strategy Analysis.pdf
2018-07-08 10:56 - 2018-07-08 10:56 - 000104376 _____ C:\Users\User\Downloads\Buy and Hold Strategy Analysis (1).pdf
2018-07-08 10:56 - 2018-07-08 10:56 - 000065311 _____ C:\Users\User\Downloads\Buy and Hold Monthly Cash Flow Pro Forma (3).pdf
2018-07-08 10:56 - 2018-07-08 10:56 - 000065311 _____ C:\Users\User\Downloads\Buy and Hold Monthly Cash Flow Pro Forma (2).pdf
2018-07-08 10:56 - 2018-07-08 10:56 - 000065311 _____ C:\Users\User\Downloads\Buy and Hold Monthly Cash Flow Pro Forma (1).pdf
2018-07-08 10:55 - 2018-07-08 10:56 - 000065311 _____ C:\Users\User\Downloads\Buy and Hold Monthly Cash Flow Pro Forma.pdf
2018-07-06 01:18 - 2018-07-06 01:18 - 000362796 _____ C:\Users\User\Downloads\How to apply PDUs for iZenBridge _PMI-ACP® Introductory Course_ (1).pdf
2018-07-06 01:17 - 2018-07-06 01:18 - 000362796 _____ C:\Users\User\Downloads\How to apply PDUs for iZenBridge _PMI-ACP® Introductory Course_.pdf
2018-07-02 14:58 - 2018-07-02 14:58 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\User\Downloads\flashplayer30_ka_install(2).exe
2018-07-02 00:33 - 2018-07-02 00:33 - 000000287 _____ C:\Users\User\Desktop\Business Analyst_to study about.txt
2018-07-01 22:14 - 2018-07-01 22:14 - 000439704 _____ (Yahoo! Inc.) C:\Users\User\Downloads\msgr11us(2).exe
2018-07-01 22:08 - 2018-07-01 22:08 - 000439704 _____ (Yahoo! Inc.) C:\Users\User\Downloads\msgr11us(1).exe
2018-07-01 22:07 - 2018-07-01 22:07 - 000439704 _____ (Yahoo! Inc.) C:\Users\User\Downloads\msgr11us.exe
2018-06-29 20:20 - 2018-06-29 20:20 - 000000000 ____D C:\Users\User\Documents\Zoom
2018-06-29 20:19 - 2018-06-29 20:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Zoom
2018-06-29 20:19 - 2018-06-29 20:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2018-06-27 21:09 - 2018-06-27 21:09 - 000054049 _____ C:\Users\User\Downloads\Ansari bill.pdf
2018-06-25 20:18 - 2018-06-25 20:20 - 000000000 ____D C:\Users\User\Desktop\Adil_Resume
2018-06-24 23:09 - 2018-08-07 20:54 - 000000000 ____D C:\Users\User\Documents\OneNote Notebooks
2018-06-24 22:06 - 2018-06-24 22:06 - 000639096 _____ C:\Windows\Minidump\062418-45864-01.dmp
2018-06-24 22:06 - 2018-06-24 22:06 - 000000000 ____D C:\Windows\Minidump
2018-06-24 22:05 - 2018-06-24 22:05 - 364866874 _____ C:\Windows\MEMORY.DMP
2018-06-24 19:00 - 2018-08-12 13:12 - 000003168 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1482575595-4210038101-985159737-1000
2018-06-23 16:51 - 2018-06-23 16:51 - 000000000 ____D C:\Users\User\Documents\Custom Office Templates
2018-06-23 15:57 - 2018-08-12 22:57 - 000000000 ___RD C:\Users\User\OneDrive
2018-06-23 15:57 - 2018-08-12 13:12 - 000002152 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-06-23 15:57 - 2018-06-23 15:57 - 000002100 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-06-23 15:57 - 2018-06-23 15:57 - 000002100 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-06-23 15:57 - 2018-06-23 15:57 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2018-06-23 15:56 - 2018-06-23 15:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-06-23 15:53 - 2018-06-23 15:53 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-06-23 15:52 - 2018-08-19 15:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-23 15:10 - 2018-08-19 15:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-06-23 15:10 - 2018-06-23 15:10 - 000006156 _____ C:\Users\User\Downloads\291 Wheat Ave Investment Packet (1) (1).xlsx
2018-06-23 15:09 - 2018-06-23 15:09 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-06-23 15:08 - 2018-06-23 15:09 - 004751648 _____ (Microsoft Corporation) C:\Users\User\Downloads\Setup.X86.en-US_O365HomePremRetail_03f95835-a447-4cc9-947e-0e9451565871_TX_PR_.exe
2018-06-23 15:08 - 2018-06-23 15:08 - 000006156 _____ C:\Users\User\Downloads\291 Wheat Ave Investment Packet (1).xlsx
2018-06-23 15:03 - 2018-06-23 15:03 - 000000000 ____D C:\Users\User\AppData\LocalLow\Adobe
2018-06-23 15:03 - 2018-06-23 15:03 - 000000000 ____D C:\Users\User\AppData\Local\CEF
2018-06-23 15:02 - 2018-07-12 23:02 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-06-23 15:01 - 2018-08-17 17:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-06-23 15:00 - 2018-06-23 15:04 - 000000000 ____D C:\ProgramData\Adobe
2018-06-23 15:00 - 2018-06-23 15:00 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-06-23 14:57 - 2018-06-23 15:03 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2018-06-23 14:55 - 2018-06-23 14:55 - 003424799 _____ C:\Users\User\Desktop\291 Wheat Ave Investment Packet.pdf
2018-06-23 14:55 - 2018-06-23 14:55 - 003424799 _____ C:\Users\User\Desktop\291 Wheat Ave Investment Packet (1).pdf
2018-06-23 14:54 - 2018-06-23 14:54 - 003424799 _____ C:\Users\User\Downloads\291 Wheat Ave Investment Packet.pdf
2018-06-19 23:17 - 2018-06-19 23:17 - 000001272 _____ C:\Users\User\Desktop\Snipping Tool.lnk
2018-06-12 13:03 - 2018-05-28 19:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-12 13:03 - 2018-05-14 23:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-12 13:03 - 2018-05-14 22:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-12 13:03 - 2018-05-14 22:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-12 13:03 - 2018-05-14 22:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-12 13:03 - 2018-05-14 22:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-12 13:03 - 2018-05-14 22:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-12 13:03 - 2018-05-14 22:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-12 13:03 - 2018-05-14 22:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-12 13:03 - 2018-05-14 22:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-12 13:03 - 2018-05-14 22:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-12 13:03 - 2018-05-14 22:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-12 13:03 - 2018-05-14 22:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-12 13:03 - 2018-05-14 22:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-12 13:03 - 2018-05-14 20:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-12 13:03 - 2018-05-14 20:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-12 13:03 - 2018-05-11 21:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-12 13:03 - 2018-05-11 21:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-12 13:03 - 2018-05-11 21:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-12 13:03 - 2018-05-11 16:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-12 13:03 - 2018-05-11 16:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-12 13:03 - 2018-05-10 19:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-12 13:03 - 2018-05-10 19:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-09 19:15 - 2018-06-09 19:15 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\User\Downloads\flashplayer30_ka_install.exe
2018-06-09 19:15 - 2018-06-09 19:15 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\User\Downloads\flashplayer30_ka_install(1).exe
2018-06-09 16:38 - 2018-06-09 16:38 - 000001268 _____ C:\Users\User\Desktop\DelFix.txt
2018-06-09 16:37 - 2018-06-09 16:38 - 000001268 _____ C:\DelFix.txt
2018-06-09 16:37 - 2018-06-09 16:37 - 000000000 ____D C:\Windows\ERUNT
2018-06-08 18:49 - 2018-06-08 18:49 - 000000000 ____D C:\ProgramData\Emsisoft
2018-06-08 18:44 - 2018-06-08 19:11 - 000000000 ____D C:\EEK
2018-06-08 18:32 - 2018-06-08 18:34 - 338163072 _____ C:\Users\User\Desktop\EmsisoftEmergencyKit.exe
2018-06-08 18:27 - 2018-06-08 18:27 - 000001299 _____ C:\Users\User\Desktop\MalwareByutes scan report 6 8 2018.txt
2018-06-08 18:18 - 2018-07-29 22:29 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-08 18:18 - 2018-06-08 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-08 18:18 - 2018-06-08 18:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-08 18:18 - 2018-06-08 18:18 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-06 17:09 - 2018-06-06 17:09 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-06-06 17:08 - 2018-06-07 18:46 - 000000000 ____D C:\ProgramData\RogueKiller
2018-06-06 17:04 - 2018-06-06 17:05 - 005333851 _____ C:\Users\User\Downloads\Unconfirmed 373878.crdownload
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-08-29 19:57 - 2009-07-13 23:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-29 19:57 - 2009-07-13 23:45 - 000021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-29 19:42 - 2017-10-12 16:02 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2018-08-29 19:38 - 2017-07-26 09:36 - 000000000 ___HD C:\Windows\system32\WLANProfiles
2018-08-29 19:33 - 2009-07-14 00:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-29 19:33 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-08-29 19:29 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-22 22:56 - 2018-02-04 23:54 - 000000000 ____D C:\Users\User\Desktop\Sabah
2018-08-18 15:42 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2018-08-18 14:33 - 2009-07-13 23:45 - 000430024 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-17 17:18 - 2017-07-26 12:55 - 000000000 ____D C:\Windows\system32\MRT
2018-08-17 17:08 - 2017-07-26 12:55 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-17 17:04 - 2017-07-26 12:43 - 000774404 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-16 12:28 - 2017-10-12 16:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-16 12:28 - 2017-10-12 16:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-10 19:24 - 2017-12-12 20:04 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2018-03-16 23:17 - 2018-03-16 23:17 - 000003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some files in TEMP:
====================
2018-06-06 17:08 - 2018-04-22 19:07 - 001665336 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll
2018-07-11 14:08 - 2018-07-11 14:10 - 057812744 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-28 14:44
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by User (29-08-2018 21:03:59)
Running from C:\Users\User\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-07-25 19:51:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1482575595-4210038101-985159737-500 - Administrator - Disabled)
Guest (S-1-5-21-1482575595-4210038101-985159737-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1482575595-4210038101-985159737-1002 - Limited - Enabled)
User (S-1-5-21-1482575595-4210038101-985159737-1000 - Administrator - Enabled) => C:\Users\User
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Amazon.com Fire_Devices (HKLM\...\Fire_Devices Drivers) (Version: 2 - Amazon.com)
Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version: 16.01.1000.0235 - Intel Corporation) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1107.101.210 - ALPS ELECTRIC CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version: - )
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1482575595-4210038101-985159737-1000\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.2 (x64 en-US)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Skype version 8.28 (HKLM-x32\...\Skype_is1) (Version: 8.28 - Skype Technologies S.A.)
Windows Driver Package - Amazon.com (WinUSB) FireDevicesUsbDeviceClass (10/27/2014 1.4.0000.00000) (HKLM\...\70D74CAD18BB165614511A2A67DB9EBF036D06A9) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com)
Zoom (HKU\S-1-5-21-1482575595-4210038101-985159737-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1482575595-4210038101-985159737-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll => No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12522F29-3A2D-4BCE-B3BE-53EF43985606} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-19] (Microsoft Corporation)
Task: {1CCC88BD-A167-48B4-A1BE-99EB67F071C2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {1FE0FEDE-10B2-4192-A8B8-4BB3CDEBEED2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-08-19] (Microsoft Corporation)
Task: {4DF9A113-353B-47D9-A81A-BF26AE469BF7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {709860FF-D249-474C-B6B9-158D9D89FBDE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {92F68369-96AE-4E07-90C7-84113C4BF94F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {B28253C5-697B-4A3D-B340-2EC9EA0CAB5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-12] (Google Inc.)
Task: {C18FB505-63A4-4859-BE12-651B457D05DB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-19] (Microsoft Corporation)
Task: {C8A3AE8B-91E6-489A-95D2-9F53429F7837} - System32\Tasks\{37C19B4D-10DE-45EC-B250-3690871712BF} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-08] (Skype Technologies S.A.)
Task: {D06D47E7-4B5B-4E91-A466-06A0846576A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {DBC6ABC4-C359-4923-B16D-FCB9FDCB6FC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-12] (Google Inc.)
Task: {DD6C70B6-430D-4BDA-AD44-50E2AF3541E5} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-19] (Microsoft Corporation)
Task: {EE679C66-837B-4C16-BFAD-9510F1725B3D} - System32\Tasks\{D911ACF0-EF32-4C0B-8EC8-0C0E53D5A84C} => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-08] (Skype Technologies S.A.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-06-08 18:18 - 2018-07-29 22:29 - 002433744 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-23 15:25 - 2018-07-31 20:54 - 008933040 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-08-05 19:24 - 2018-08-05 19:24 - 008932528 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1482575595-4210038101-985159737-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 108.166.149.2 - 108.166.149.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{40C151B8-3FA5-443B-B5A0-4082525033B4}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F1C6171E-BE0E-4FF0-905E-97C7DC972BDC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{30ED4AB0-777A-41CF-98AA-7717B6EAB7FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B1BE5FA6-C61C-4475-8DC0-3F3D5B48644E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FF594CE9-9E82-4040-B16A-4312554BB3BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{482D8365-D264-439C-B100-CED9FC28596D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A2E71CFA-3AE5-4FB8-8326-94500EE766E6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8DDE278E-13CC-43E4-B5E3-0DD5670DA9E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{164E2B4C-8B60-479B-B130-6603FA0DA084}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{984F461A-69EE-4E75-B1C1-515140A946AB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{A18A535B-EBEE-46C5-B4A3-C7663173933E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
==================== Restore Points =========================
10-08-2018 19:34:31 Windows Update
14-08-2018 13:08:43 Windows Update
17-08-2018 16:55:32 Windows Update
20-08-2018 18:52:32 Windows Update
27-08-2018 12:40:47 Windows Update
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/29/2018 08:57:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/29/2018 08:57:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
Error: (08/29/2018 07:29:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/29/2018 07:25:32 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/29/2018 07:15:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/29/2018 06:00:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 16.1.0.0, time stamp: 0x51e6e2e1
Faulting module name: MurocApi.dll, version: 16.1.0.0, time stamp: 0x51e6e1c8
Exception code: 0xc0000005
Fault offset: 0x0000000000026570
Faulting process id: 0x760
Faulting application start time: 0x01d43fec00d67180
Faulting application path: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Faulting module path: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
Report Id: 45767fdb-abdf-11e8-8f64-58946b4d47b0
Error: (08/29/2018 06:00:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/28/2018 02:34:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (08/29/2018 06:00:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/29/2018 05:59:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:20:58 PM on 8/28/2018 was unexpected.
Error: (08/28/2018 02:25:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/28/2018 02:22:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:01:39 PM on 8/27/2018 was unexpected.
Error: (08/27/2011 12:33:48 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by 220924799 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->13.89.190.88:123) is working properly.
Error: (05/27/2011 10:09:01 AM) (Source: HECIx64) (EventID: 3) (User: )
Description: Intel® Management Engine Interface driver has failed to perform handshake with the Firmware.
Error: (05/27/2011 10:09:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:48:14 PM on 5/26/2011 was unexpected.
Error: (05/26/2011 04:04:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:03:23 PM on 5/26/2011 was unexpected.
Windows Defender:
===================================
Date: 2018-05-14 10:56:26.138
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{D218B20B-30D0-4605-A1D6-3C204B4DAE15}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
==================== Memory info ===========================
Processor: Intel® Core™ i5 CPU M 560 @ 2.67GHz
Percentage of memory in use: 66%
Total physical RAM: 3893.83 MB
Available physical RAM: 1287.09 MB
Total Virtual: 7785.81 MB
Available Virtual: 4573.44 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:148.95 GB) (Free:104 GB) NTFS
\\?\Volume{de2082f8-a4c7-11df-a5f4-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 638EC3A5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
![Computer freezing slow [Closed] - last post by Tomk](https://forums.whatthetech.com/uploads/profile/photo-75503.gif?_r=1383264505)
