Computer is unpredictable and unstable. Everything is very sluggish. Shuts down often.
aswMBR.exe gets a blue screen while running.
Here is the log from FRST64
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by Craig (administrator) on CRAIG-HP (Hewlett-Packard HP ProDesk 400 G1 DM) (22-05-2019 17:26:23)
Running from C:\Users\Craig\Downloads
Loaded Profiles: Craig (Available Profiles: Craig & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.503 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Bleeping Computer, LLC. -> Bleeping Computer, LLC) C:\Users\Craig\Downloads\rkill.exe
(Bleeping Computer, LLC. -> Bleeping Computer, LLC) C:\Users\Craig\Downloads\rkill64.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\72.4.136\QtWebEngineProcess.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company) C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Intuit Inc.) [File not signed] C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit, Inc. -> Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.1019\SSScheduler.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Craig\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8513792 2015-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411328 2015-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2312408 2014-06-26] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Discover HP Touchpoint Manager] => C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Discover HP Touchpoint Manager\LHBeacon.exe [421000 2014-09-15] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537600 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650784 2015-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863776 2015-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [RunPUMonitor] => C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe [508928 2017-10-23] (HP Inc. -> HP Development Company, L.P.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3792648 2017-12-12] (Intuit, Inc. -> Intuit Inc. All rights reserved.)
HKU\S-1-5-21-3336484662-4119272176-3804122616-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22588760 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb] -> Internet Explorer (Enable DEP)
HKLM\Software\...\AppCompatFlags\InstalledSDB\{a9264802-8a7a-40fe-a135-5c6d204aed7a}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb [2011-12-19]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2015-02-26] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2018-05-04]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-05-19]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1019\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2018-05-04]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc. -> Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2018-05-04]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2016\QBW32.EXE (Intuit, Inc. -> Intuit Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {099D137B-9D65-4032-95E9-E88BDD0F695E} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [257824 2013-07-18] (Intel® Services Manager -> Intel Corporation)
Task: {100D17EA-4BD7-450E-B3F4-1E15F9325C7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {103ECC2C-B769-4C11-8333-E2961367A093} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1331F41C-EA7C-4C80-AD8D-FF3EAB8A45CE} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {180F4E82-688E-499E-97F4-603642BEC859} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {1834AA6B-D98A-428C-A057-D12408817E27} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [257824 2013-07-18] (Intel® Services Manager -> Intel Corporation)
Task: {197BC284-F6F1-423A-99E3-8D6464931F73} - System32\Tasks\EPSON WF-7610 Series Invitation {06D0CD80-94AD-4DC8-BCA2-131898986018} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {1DA53F2B-94BD-44D9-AF73-C0CD310366FD} - System32\Tasks\EPSON WF-7610 Series Update {9058A499-1424-406C-A91A-7C3ABC97E11E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {219F3096-A34E-4AC3-A673-08DDED7BB2E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {27B57458-D4FE-46A4-931F-5E11173ECB41} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2EFD9C83-23A9-4769-BC8E-4EF38D989146} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {31BF19F1-E455-42AA-AB1E-85B55EC8EA65} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
Task: {35DB45E1-E9D9-470B-B9AC-99511D048522} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {38A438D5-7478-4B46-B244-0860165C4EF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-05-02] (Google Inc -> Google Inc.)
Task: {39C72344-527F-4774-AE2E-335DBF321A52} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {415C38D6-2847-49D4-9ED8-0008E3000CAE} - System32\Tasks\EPSON WF-7620 Series Invitation {B8C97CE9-DCA0-4491-B422-B2EF61B65BA8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {482A6301-84C7-4233-BA0D-A5E8DDA67CF4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4FC092FD-40E5-407F-B8E5-EECF5F9A607B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5C67AB8A-2064-4873-A8AA-0694C4CDFB67} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5FE87118-83CF-471A-ABC7-CA6568D4308A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63A50B4C-AD0E-493F-9ED2-9EB72C0F63C5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6AD4744C-7DA7-4C3B-A5CF-7281C82D74EC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6D25906E-A62C-40DF-AB71-C52B82B99C8F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {74E8AECB-D3CB-492F-9662-16CD88EC1160} - System32\Tasks\EPSON WF-7610 Series Update {B386F2C0-4C2F-4FE5-831A-6B2C26127892} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {76B9C54B-8569-40E3-8171-4CD821BEBB9B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {77121C82-C997-4F73-B7B5-53A46E701186} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {783F39BF-86D9-4AC2-90C5-1B2494AE3742} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B3B4066-0950-4C4F-922B-377D37417CBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [545080 2014-08-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {8DA6E151-2B4F-498C-9630-D0EBF793846B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9745AB66-C4B2-4EA9-9965-EB212A3696F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [545080 2014-08-22] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {9BF7AEE2-FF33-4370-ADD6-C41281D5C494} - System32\Tasks\EPSON WF-7610 Series Invitation {B386F2C0-4C2F-4FE5-831A-6B2C26127892} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {A3CCA2B1-44E2-45E4-9164-8DF2786CD052} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF8E1D62-8094-4899-9560-3920F11024B5} - System32\Tasks\EPSON WF-7610 Series Invitation {9058A499-1424-406C-A91A-7C3ABC97E11E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B1B3E064-FAED-448B-9ACC-B134C4B58789} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B3E16941-25B7-4113-9215-5B234173CACD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B662BC9E-0144-4A5A-8CD3-945E3391C130} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B917C3EC-F77D-41F8-9556-21B40F974F92} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BA68362E-3539-4CF4-9E89-DFB8262B112C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C0E7776B-EB31-4617-9FBA-016A85A63166} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C3AFC384-687F-4402-881B-5D2CB1669302} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {C6DCA586-E19B-4F92-B541-3A11237BCF20} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB0FDA7A-57F9-4199-B175-570D7FD48013} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE899445-5BEB-47FF-BBA5-C686F53AF19F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D969C07E-09D4-4325-9E3D-098148249376} - System32\Tasks\EPSON WF-7620 Series Update {B8C97CE9-DCA0-4491-B422-B2EF61B65BA8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {DC648C5C-6761-42BF-BC40-A4AA4D42D41B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E25C48CB-95F4-4652-A0AD-F94D5D4FCF0F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {E2ACC2A3-DFD1-4656-989C-DB6F5ED67109} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E3457CA1-214A-42FD-99B4-2424798D4A0E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E4DC02DC-8678-469F-A206-D40C42FFB805} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E66C792C-D368-49E1-BBDB-E6DD0E4EE675} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {E8E8FD32-213B-4F32-A3B6-A441C92AF058} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E93ECF5A-2E3A-44D9-9A03-E8C8F52D5AD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EA956834-7F5C-46A5-A959-4E063FB069FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ED6BD6D0-005D-4F0D-9831-C05DD33D6602} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584 2014-05-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {EDDA35DC-B7DA-4323-B86E-202A735E40F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4C2D23C-1DCF-4484-B594-871314808A13} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F877B755-4460-446D-B910-B53E9103363E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F9F968BB-F643-4540-AE10-28FBBEF38CA7} - System32\Tasks\EPSON WF-7610 Series Update {06D0CD80-94AD-4DC8-BCA2-131898986018} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {FEAF0A4F-4363-405A-A5C5-D6BAFCC38385} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FFB18CC3-3E76-4733-A13E-DB295597589E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON WF-7610 Series Invitation {06D0CD80-94AD-4DC8-BCA2-131898986018}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7610 Series Invitation {9058A499-1424-406C-A91A-7C3ABC97E11E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7610 Series Invitation {B386F2C0-4C2F-4FE5-831A-6B2C26127892}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7610 Series Update {06D0CD80-94AD-4DC8-BCA2-131898986018}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE:/EXE:{06D0CD80-94AD-4DC8-BCA2-131898986018} /F:UpdateWORKGROUP\CRAIG-HP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-7610 Series Update {9058A499-1424-406C-A91A-7C3ABC97E11E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE:/EXE:{9058A499-1424-406C-A91A-7C3ABC97E11E} /F:UpdateWORKGROUP\CRAIG-HP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-7610 Series Update {B386F2C0-4C2F-4FE5-831A-6B2C26127892}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKBE.EXE:/EXE:{B386F2C0-4C2F-4FE5-831A-6B2C26127892} /F:UpdateWORKGROUP\CRAIG-HP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Invitation {3D2080EC-927D-4738-94DF-918A0CA9E0A2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Invitation {B8C97CE9-DCA0-4491-B422-B2EF61B65BA8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Update {3D2080EC-927D-4738-94DF-918A0CA9E0A2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{3D2080EC-927D-4738-94DF-918A0CA9E0A2} /F:UpdateWORKGROUP\CRAIG-HP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Update {B8C97CE9-DCA0-4491-B422-B2EF61B65BA8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{B8C97CE9-DCA0-4491-B422-B2EF61B65BA8} /F:UpdateWORKGROUP\CRAIG-HP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{1cd42aaf-503c-4fb1-80f3-f917c9b9d46b}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8cf43380-a7b7-41c4-bf02-1d6360fd357b}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com
HKU\S-1-5-21-3336484662-4119272176-3804122616-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13-comm.msn.com/
HKU\S-1-5-21-3336484662-4119272176-3804122616-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13-comm.msn.com
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2014-06-26] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKU\S-1-5-21-3336484662-4119272176-3804122616-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Handler-x32: intu-help-qb9 - {C1252096-0E63-4C06-A38B-03DF9A16AA12} - C:\Program Files (x86)\Intuit\QuickBooks 2016\HelpAsyncPluggableProtocol.dll [2019-02-21] (Intuit, Inc. -> Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\SysWOW64\mscoree.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2016-01-06] [Legacy] [not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-08-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-08-13] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-02-26] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Chrome:
=======
CHR Profile: C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default [2019-05-22]
CHR Extension: (Adobe Acrobat) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-15]
CHR Extension: (HP Client Security Manager) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2017-04-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Craig\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-03]
CHR HKU\S-1-5-21-3336484662-4119272176-3804122616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-02-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7126928 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2014-08-15] () [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2015-02-26] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677376 2016-08-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [563000 2014-07-16] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 HpDamServiceHost; c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [18232 2014-07-16] (Hewlett-Packard Company -> Hewlett-Packard Development Company)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373704 2017-12-22] (Intel® pGFX -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Trusted Connect Service -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-08-13] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1019\McCHSvc.exe [406424 2019-04-24] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2018-02-07] (Intel® Wireless Connectivity Solutions -> )
R3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2017-12-12] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2017-12-12] (Intuit Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312064 2015-08-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2019-02-12] (Microsoft Windows -> Microsoft Corporation)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3851432 2018-02-07] (Intel® Wireless Connectivity Solutions -> Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225096 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385640 2019-05-22] (AVAST Software s.r.o. -> AVAST Software)
S3 DAMDrv; C:\WINDOWS\System32\DRIVERS\DAMDrv64.sys [65752 2013-10-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 dbx; C:\WINDOWS\System32\DRIVERS\dbx.sys [47600 2019-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [125952 2014-08-13] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3530176 2018-03-06] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 Ser2pl; C:\WINDOWS\system32\drivers\ser2pl64.sys [170496 2014-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [206744 2013-06-20] (Intel Wireless Display -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-22 17:26 - 2013-04-25 20:20 - 000000076 _____ C:\Users\Craig\Desktop\JRT.exe
2019-05-22 17:23 - 2019-05-22 17:25 - 000001622 _____ C:\Users\Craig\Desktop\Rkill.txt
2019-05-22 17:22 - 2019-05-22 17:28 - 000041425 _____ C:\Users\Craig\Downloads\FRST.txt
2019-05-22 17:22 - 2019-05-22 17:22 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Craig\Downloads\rkill.exe
2019-05-22 17:21 - 2019-05-22 17:22 - 000000000 ____D C:\FRST
2019-05-22 17:21 - 2019-05-22 17:21 - 002435072 _____ (Farbar) C:\Users\Craig\Downloads\FRST64.exe
2019-05-22 17:19 - 2019-05-22 17:19 - 002950750 _____ (Thisisu) C:\Users\Craig\Downloads\JRT.exe
2019-05-22 17:18 - 2019-05-22 17:18 - 000050688 _____ (Atribune.org) C:\Users\Craig\Downloads\ATF_Cleaner.exe
2019-05-22 17:17 - 2019-05-22 17:17 - 000036864 _____ (Appleoddity) C:\Users\Craig\Downloads\JavaMSIFix.exe
2019-05-22 17:16 - 2019-05-22 17:16 - 005660510 _____ (Swearware) C:\Users\Craig\Downloads\ComboFix.exe
2019-05-22 17:03 - 2019-05-22 17:03 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 023438848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 019022336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-22 17:03 - 2019-05-22 17:03 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-22 17:03 - 2019-05-22 17:03 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-22 17:03 - 2019-05-22 17:03 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-22 17:03 - 2019-05-22 17:03 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-05-22 17:03 - 2019-05-22 17:03 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-22 17:03 - 2019-05-22 17:03 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-22 17:03 - 2019-05-22 17:03 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-22 17:03 - 2019-05-22 17:03 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-22 17:03 - 2019-05-22 17:03 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000109568 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-22 17:03 - 2019-05-22 17:03 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-22 17:02 - 2019-05-22 17:03 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 002780000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 002708480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001699496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-22 17:02 - 2019-05-22 17:02 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001342608 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-22 17:02 - 2019-05-22 17:02 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 001225728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-22 17:02 - 2019-05-22 17:02 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-22 17:02 - 2019-05-22 17:02 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000586280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-22 17:02 - 2019-05-22 17:02 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000080184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-22 17:02 - 2019-05-22 17:02 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-22 17:02 - 2019-05-22 17:02 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-22 17:02 - 2019-05-22 17:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-22 16:50 - 2019-05-22 16:50 - 000000000 ____D C:\AdwCleaner
2019-05-22 16:48 - 2019-05-22 16:48 - 007025360 _____ (Malwarebytes) C:\Users\Craig\Downloads\adwcleaner_7.3.exe
2019-05-22 16:34 - 2019-05-22 16:34 - 857141513 _____ C:\WINDOWS\MEMORY.DMP
2019-05-22 16:34 - 2019-05-22 16:34 - 000000000 ____D C:\WINDOWS\Minidump
2019-05-22 16:34 - 2019-05-22 16:34 - 000000000 _____ C:\WINDOWS\Minidump\052219-37656-01.dmp
2019-05-22 16:18 - 2019-05-22 16:18 - 005198336 _____ (AVAST Software) C:\Users\Craig\Desktop\aswMBR.exe
2019-05-22 16:08 - 2019-05-22 16:08 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-05-22 16:02 - 2019-05-22 16:02 - 000002096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-05-22 16:02 - 2019-05-22 16:02 - 000002084 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-05-22 16:02 - 2019-05-22 16:02 - 000000000 ____D C:\Users\Craig\AppData\Roaming\AVAST Software
2019-05-22 16:02 - 2019-05-22 16:02 - 000000000 ____D C:\Users\Craig\AppData\Local\AVAST Software
2019-05-22 15:59 - 2019-05-22 15:59 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-05-22 15:59 - 2019-05-22 15:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-22 15:57 - 2019-05-22 15:57 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-05-22 15:57 - 2019-05-22 15:55 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000385640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-22 15:57 - 2019-05-22 15:55 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000225096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-22 15:57 - 2019-05-22 15:55 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-05-22 15:57 - 2019-05-22 15:54 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-22 15:57 - 2019-05-22 15:54 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-22 15:57 - 2019-05-22 15:54 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-22 15:57 - 2019-05-22 15:54 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-22 15:57 - 2019-05-22 15:54 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-22 15:57 - 2019-05-22 15:54 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-05-22 15:53 - 2019-05-22 15:53 - 000000000 ____D C:\Program Files\AVAST Software
2019-05-22 15:52 - 2019-05-22 15:57 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-22 15:52 - 2019-05-22 15:52 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-22 15:52 - 2019-05-22 15:52 - 000002874 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-22 15:52 - 2019-05-22 15:52 - 000000871 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-22 15:52 - 2019-05-22 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-22 15:52 - 2019-05-22 15:52 - 000000000 ____D C:\Program Files\CCleaner
2019-05-22 15:35 - 2019-05-14 18:03 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-22 15:35 - 2019-05-14 18:03 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-22 15:21 - 2019-05-22 15:21 - 000000000 ____D C:\Users\Craig\AppData\Local\D3DSCache
2019-05-19 13:46 - 2019-05-19 13:47 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-05-19 13:46 - 2019-05-19 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2019-05-08 16:58 - 2019-05-08 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-05-07 15:51 - 2019-05-07 15:51 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-05-07 15:51 - 2019-05-07 15:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-05-07 15:51 - 2019-05-07 15:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-05-07 15:51 - 2019-05-07 15:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-05-07 15:51 - 2019-05-07 15:51 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2019-05-01 12:42 - 2019-05-01 12:42 - 014163458 _____ C:\Users\Craig\Downloads\AUNTIE ANNE'S CUT SHEETS VV.pdf
2019-04-29 18:08 - 2019-04-29 18:08 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-29 18:08 - 2019-04-29 18:08 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-29 18:08 - 2019-04-29 18:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-29 18:08 - 2019-04-29 18:08 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-29 18:07 - 2019-04-29 18:07 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-29 18:07 - 2019-04-29 18:07 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-29 18:07 - 2019-04-29 18:07 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-29 18:07 - 2019-04-29 18:07 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-29 18:07 - 2019-04-29 18:07 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-29 18:07 - 2019-04-29 18:07 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-29 18:07 - 2019-04-29 18:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-29 18:07 - 2019-04-29 18:07 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-29 18:06 - 2019-04-29 18:06 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-29 18:06 - 2019-04-29 18:06 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-29 18:06 - 2019-04-29 18:06 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-29 18:06 - 2019-04-29 18:06 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-29 18:06 - 2019-04-29 18:06 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-29 18:06 - 2019-04-29 18:06 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-29 18:06 - 2019-04-29 18:06 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-29 18:06 - 2019-04-29 18:06 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-29 18:06 - 2019-04-29 18:06 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-29 18:06 - 2019-04-29 18:06 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-25 14:15 - 2019-04-25 14:15 - 000025283 _____ C:\Users\Craig\Downloads\WEC Informed Consent and Release of Liability.pdf
2019-04-24 14:29 - 2019-04-24 14:29 - 000012425 _____ C:\Users\Craig\Desktop\Permiss.html
2019-04-24 14:23 - 2019-04-24 14:23 - 000757695 _____ C:\Users\Craig\Downloads\4089
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-22 17:15 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-05-22 17:14 - 2019-02-12 19:54 - 000972156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-22 17:14 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-22 17:10 - 2016-05-02 09:52 - 000000000 __SHD C:\Users\Craig\IntelGraphicsProfiles
2019-05-22 17:09 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-22 17:09 - 2017-08-01 15:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-05-22 17:07 - 2019-02-12 19:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-22 17:07 - 2019-02-12 19:34 - 000457064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-22 17:06 - 2018-09-15 02:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-22 17:05 - 2018-09-15 03:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-22 17:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-22 17:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-22 17:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-22 17:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-22 17:05 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-22 16:51 - 2019-02-12 19:42 - 000000000 ____D C:\Users\Craig
2019-05-22 16:50 - 2019-02-12 19:42 - 000000000 ____D C:\Users\DefaultAppPool
2019-05-22 16:34 - 2019-02-12 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-22 16:16 - 2019-02-12 19:59 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{18833ABF-2840-4621-9B7C-613DBF760B9A}
2019-05-22 15:57 - 2019-01-28 10:21 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-22 15:57 - 2018-09-15 03:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-22 15:57 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-22 15:47 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-22 15:47 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-22 15:34 - 2016-05-04 13:54 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-05-22 15:31 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-05-22 15:30 - 2018-09-15 05:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-05-22 15:30 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-05-22 15:30 - 2018-09-15 02:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-05-21 15:13 - 2016-05-02 11:09 - 000000000 ____D C:\EAll
2019-05-19 13:46 - 2019-04-21 13:46 - 000002026 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2019-05-19 13:46 - 2016-05-10 10:09 - 000000000 ____D C:\Program Files\McAfee Security Scan
2019-05-19 13:46 - 2016-05-04 13:45 - 000000000 ____D C:\ProgramData\McAfee
2019-05-16 17:00 - 2016-05-04 13:45 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-16 10:22 - 2019-02-12 19:59 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3336484662-4119272176-3804122616-1001
2019-05-16 10:22 - 2019-02-12 19:42 - 000002413 _____ C:\Users\Craig\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-16 10:22 - 2016-05-02 09:57 - 000000000 ___RD C:\Users\Craig\OneDrive
2019-05-15 07:47 - 2016-04-28 09:36 - 000000000 ___RD C:\Users\Craig\Dropbox (EFSS, LLC)
2019-05-15 00:26 - 2019-02-12 19:59 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 00:26 - 2019-02-12 19:59 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-14 18:02 - 2016-05-03 15:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-14 17:59 - 2016-05-03 15:02 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 14:27 - 2016-05-02 10:40 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-14 14:27 - 2016-05-02 10:40 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-08 16:59 - 2016-04-26 13:45 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-30 17:48 - 2018-01-15 19:42 - 000000000 ____D C:\Users\Craig\AppData\Local\Packages
2019-04-29 23:43 - 2019-02-12 19:59 - 000003710 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-04-29 22:45 - 2016-05-04 13:54 - 000001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2019-04-29 22:45 - 2016-05-04 13:54 - 000001187 _____ C:\Users\Public\Desktop\True Key.lnk
2019-04-29 11:46 - 2018-01-15 20:00 - 000000000 ___RD C:\Users\Craig\3D Objects
2019-04-29 11:46 - 2016-02-13 09:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-04-29 11:11 - 2018-09-15 03:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-29 11:11 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-04-23 17:54 - 2018-02-19 11:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================