Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
Ran by Vapor 2 (administrator) on HOMEOFFICE (30-01-2017 16:34:52)
Running from C:\Users\Janet\Downloads
Loaded Profiles: Vapor 2 (Available Profiles: Vapor 2 & DefaultAppPool)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAOsvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(PC Drivers HeadQuarters LP) C:\Program Files (x86)\Driver Support\svc\DriverSupportAO.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Microsoft Corporation) C:\WINDOWS\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Janet\AppData\Roaming\HP Photo Creations\Communicator.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros Commnucations)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2017-01-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\MountPoints2: {19538001-eca6-11e3-be94-b8763f90b512} - "E:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\MountPoints2: {19812951-30b2-11e5-bee2-a41f7275f882} - "F:\windows\AutoRun.exe"
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\...\Winlogon: [Shell] - <==== ATTENTION
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileSyncShell64.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileSyncShell64.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\amd64\FileSyncShell64.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\FileSyncShell.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\FileSyncShell.dll [2017-01-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Janet\AppData\Local\Microsoft\OneDrive\17.3.6743.1212_1\FileSyncShell.dll [2017-01-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2014-07-24]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8610.lnk [2016-01-27]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\bin\HPStatusBL.dll (No File)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketTab3.1.zip.lnk [2015-04-06]
ShortcutTarget: RocketTab3.1.zip.lnk -> C:\ProgramData\{27ab82c5-3ee8-cd3a-27ab-b82c53ee0b14}\RocketTab3.1.zip.exe (No File)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8610.lnk [2016-01-27]
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8610.lnk -> C:\Program Files\HP\HP Officejet Pro 8610\bin\HPStatusBL.dll (No File)
Startup: C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RocketTab3.1.zip.lnk [2015-04-06]
ShortcutTarget: RocketTab3.1.zip.lnk -> C:\ProgramData\{27ab82c5-3ee8-cd3a-27ab-b82c53ee0b14}\RocketTab3.1.zip.exe (No File)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2419766067-897465512-1457611607-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{675728CD-5C35-4E9A-84FE-40A4764BA05F}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{C6317661-4504-43B6-82D2-6B90DFC400DB}: [NameServer] 8.8.8.8,8.8.4.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2419766067-897465512-1457611607-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-2419766067-897465512-1457611607-1001 -> DefaultScope {37E3C407-2C46-468D-B9CC-129B87553529} URL =
SearchScopes: HKU\S-1-5-21-2419766067-897465512-1457611607-1001 -> {37E3C407-2C46-468D-B9CC-129B87553529} URL =
SearchScopes: HKU\S-1-5-21-2419766067-897465512-1457611607-1001 -> {E0DAB97B-D92F-4DF4-8ACA-20C88E161F60} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-23] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros Commnucations)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2017-01-20] (AVG)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-01-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-14] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2017-01-20] (AVG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-14] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-10-11] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-23] (Microsoft Corporation)
Handler-x32: qbpos - {662E7FAE-5C17-491C-AD9D-98C1F66CC6A0} - C:\WINDOWS\SysWOW64\QBPOSProtocol.dll [2006-09-18] (Intuit Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default [2017-01-27]
FF user.js: detected! => C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\user.js [2015-07-14]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a79gg3hn.default -> Search Provided by Yahoo
FF DefaultSearchEngine,S: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\a79gg3hn.default -> Search Provided by Yahoo
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF SearchEngineOrder.1,S: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a79gg3hn.default -> Search Provided by Yahoo
FF SelectedSearchEngine,S: Mozilla\Firefox\Profiles\a79gg3hn.default -> WebSearch
FF Homepage: Mozilla\Firefox\Profiles\a79gg3hn.default -> hxxps://www.malwarebytes.org/restorebro ... dows%2B8.1
FF Extension: (SilveOSWidget) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\jid0-8PuBX6ppPYHJ9qopWqHMf11w69g@jetpack.xpi [2015-06-24]
FF Extension: (S3.Google Translator) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\s3google@translator.xpi [2016-04-23]
FF Extension: (translator) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\translator@dontfollowme.net.xpi [2015-06-24]
FF Extension: (Quick Translator) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-06-24]
FF Extension: (NoScript) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-23]
FF Extension: (Adblock Plus) - C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-26]
FF SearchPlugin: C:\Users\Janet\AppData\Roaming\Mozilla\Firefox\Profiles\a79gg3hn.default\searchplugins\bing-avast.xml [2014-06-09]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-03-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [No File]
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2013-09-12] (Alawar)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-01-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2419766067-897465512-1457611607-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Janet\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-02] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-2419766067-897465512-1457611607-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Janet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2419766067-897465512-1457611607-1001: JoongwonGames.com/JWPlugin -> C:\Users\Janet\AppData\Roaming\JWPlugin\Plugin\npJWPlugin.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://google.com/
CHR DefaultSearchURL: Profile 2 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Profile 2 -> Yahoo
CHR DefaultSuggestURL: Profile 2 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.885\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\PepperFlash\pepflashplayer.dll => No File
CHR Profile: C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-01-30]
CHR Extension: (Google Docs) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-11]
CHR Extension: (Google Drive) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]
CHR Extension: (Google Search) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-14]
CHR Profile: C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-01-30]
CHR Extension: (Google Slides) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-15]
CHR Extension: (Google Docs) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-15]
CHR Extension: (Google Drive) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-15]
CHR Extension: (YouTube) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Adblock Plus) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-15]
CHR Extension: (Google Search) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-15]
CHR Extension: (soulshine) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\enbjgfinbinhckicnbfbmgjhloecioof [2015-11-15]
CHR Extension: (Google Sheets) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-15]
CHR Extension: (Google Docs Offline) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-15]
CHR Extension: (Pin It Button) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-11-15]
CHR Extension: (Little Alchemy) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-11-15]
CHR Extension: (Skype Click to Call) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-15]
CHR Extension: (Gmail) - C:\Users\Janet\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-15]
CHR Profile: C:\Users\Janet\AppData\Local\Google\Chrome\User Data\System Profile [2016-07-03]
CHR HKU\S-1-5-21-2419766067-897465512-1457611607-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kincmhfambjnciidkendiplanfiiemgm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DSAO; C:\Program Files (x86)\driver support\svc\DriverSupportAOsvc.exe [2033104 2016-10-22] (PC Drivers HeadQuarters LP)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S4 Intuit Entitlement Service v3; C:\Program Files (x86)\Common Files\Intuit\Entitlement Client\v3\Server\Intuit.Spc.Map.EntitlementClient.Server.Service.exe [24576 2006-05-24] (Intuit, Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 PhoneMyPC_Helper; C:\Program Files\SoftwareForMe Inc\PhoneMyPC\PhoneMyPC_Helper.exe [31232 2011-07-15] (SoftwareForMe Inc) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 QBPOSDBServiceV6; C:\Program Files (x86)\Intuit\QuickBooks Point of Sale 6.0\DatabaseServer\QBPOSDBServiceV6.exe [1464832 2006-09-18] (Intuit Inc.) [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2016-09-09] (Dell Inc.)
S4 VolumeCtlSrv; C:\Program Files\DELLOSD\VolumeCtlSrv.exe [221696 2012-07-20] (Wistron Corporation) [File not signed]
S2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2017-01-20] (AVG Secure Search)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2017-01-20] ()
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-01-05] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-04] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [18064 2012-06-20] (ITE Tech. Inc. )
S3 LVPr2M64; C:\WINDOWS\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
S3 PQAWRwa; C:\Program Files\DELLOSD\PQAWDrv.sys [12384 2008-03-01] () [File not signed]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 AndnetBus; \SystemRoot\system32\DRIVERS\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
========================== Drivers MD5 =======================
C:\WINDOWS\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\WINDOWS\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\WINDOWS\System32\drivers\ACPI.sys E796AE43DDD1844281DB4D57294D17C0
C:\WINDOWS\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\WINDOWS\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\WINDOWS\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\WINDOWS\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\WINDOWS\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\SysWow64\drivers\Afc.sys 6CCD1135320109D6B219F1A6E04AD9F6
C:\WINDOWS\system32\drivers\afd.sys A460C3AF3755A2A79A3C8EFE72E147B5
C:\WINDOWS\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8
C:\WINDOWS\System32\DRIVERS\ahcache.sys FE14D249D39368CA62D8DA6BC94AC694
C:\WINDOWS\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729
C:\WINDOWS\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3
C:\WINDOWS\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\WINDOWS\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\WINDOWS\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\WINDOWS\system32\drivers\appid.sys 415DD71628795197F7AFC176CBADC74E
C:\WINDOWS\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\WINDOWS\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\WINDOWS\system32\DRIVERS\athw8x.sys 2C7676F892E88FD190F08D98048C7C6C
C:\WINDOWS\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\WINDOWS\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\WINDOWS\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768
C:\WINDOWS\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\WINDOWS\System32\DRIVERS\bowser.sys 4938A9236300A356F97E378491EE4844
C:\WINDOWS\system32\DRIVERS\BrSerIb.sys 63A00CDBEB300522C49EC7CA77324060
C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys BBCFD6C6EF66449F55AF1BFDB08C9B12
C:\WINDOWS\system32\DRIVERS\btfilter.sys 25B35FDD5FE5666DC49CCC0BC6A9AD81
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\WINDOWS\System32\drivers\BthEnum.sys 12418846B057E4F92FC621F5C6CF737D
C:\WINDOWS\System32\drivers\bthhfenum.sys 272A62B660A48AEF366F8A1836CED19F
C:\WINDOWS\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\WINDOWS\System32\drivers\BthLEEnum.sys D30C67473A2E229662D21F27EAA9AAA5
C:\WINDOWS\System32\drivers\bthmodem.sys 07E33226AD218A2A162662A05CAFB52F
C:\WINDOWS\System32\drivers\bthpan.sys FEA8FC81431AD93F44D5FBFBBF096AA7
C:\WINDOWS\System32\Drivers\BTHport.sys B810B2B39CCA90DC6BF42AF1658AE0D1
C:\WINDOWS\System32\Drivers\BTHUSB.sys 52A1B7ECAB4C9EF70FD41241691E09D3
C:\WINDOWS\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\WINDOWS\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D
C:\WINDOWS\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\WINDOWS\System32\drivers\CLFS.sys 9DA497AEAF35AA7BF7710132FC2A9906
C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 075CCE75090786F124573A788C8656E6
C:\WINDOWS\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\WINDOWS\System32\Drivers\cng.sys EFC79D3224D19FD926FFEA0A24729FEF
C:\WINDOWS\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\WINDOWS\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\WINDOWS\System32\drivers\dam.sys 389C998C64319CD97625B0550E52ECFA
C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys B56714DED87E29377F1EE930691DADA2
C:\WINDOWS\system32\drivers\DellProf.sys DC3BD578642252FD9569B9CD75CEF81E
C:\WINDOWS\System32\drivers\DellRbtn.sys DC253191A553DACA7684CFB5B03A4268
C:\WINDOWS\System32\Drivers\dfsc.sys FBFF94FC1FE0699A6BC5ACE270AB9EA1
C:\WINDOWS\system32\DRIVERS\ssudbus.sys 9593475FBC857A05D93BFF4FA7323C2B
C:\WINDOWS\System32\drivers\disk.sys 8B1E62881D5AC68E673CD94B136B34AC
C:\WINDOWS\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\WINDOWS\system32\DRIVERS\Dot4.sys 27069CFFF29B7F04F4B1BB10154BE52B
C:\WINDOWS\System32\drivers\Dot4Prt.sys 0BD906A79F9CE3013F7D9D0AC45F9F9D
C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys B1C63BBF395499AD3BFB64A4F2FA0CE4
C:\WINDOWS\system32\DRIVERS\dot4usb.sys B7D595F2F464F7B628AD53F06547792C
C:\WINDOWS\system32\drivers\drmkaud.sys 00C594D5A1DBD22AD8B2902B9F6EFF94
C:\WINDOWS\System32\drivers\dxgkrnl.sys F74B839FA0F4E6060CA1DA6B8DA17941
C:\WINDOWS\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\WINDOWS\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\WINDOWS\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\WINDOWS\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\WINDOWS\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\WINDOWS\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\WINDOWS\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\WINDOWS\System32\drivers\fltmgr.sys C1FB505A73FA2E9019D32444AB33B75A
C:\WINDOWS\System32\drivers\FsDepends.sys A7C31B168F371E8E6796219F23E354DB
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\WINDOWS\System32\DRIVERS\fvevol.sys D4AB6EE3D715BC44C00277FD934FAACF
C:\WINDOWS\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015
C:\WINDOWS\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\WINDOWS\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\WINDOWS\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19
C:\WINDOWS\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\WINDOWS\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926
C:\WINDOWS\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\WINDOWS\System32\drivers\hidbth.sys 42F88B57CAE42FC10059C887B3FCFCEA
C:\WINDOWS\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\WINDOWS\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\WINDOWS\System32\drivers\hidusb.sys 49676FEC898AB2A11B157F848269A56E
C:\WINDOWS\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\WINDOWS\System32\drivers\HTTP.sys 76A6FDA32A21515B67633497D8FDB1E4
C:\WINDOWS\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\WINDOWS\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\WINDOWS\System32\drivers\i8042prt.sys 49EE0AE9E5B64FFBBD06D55C4984B598
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\WINDOWS\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\WINDOWS\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys CEFA6BDB4789F3DA003ACBDCC64F5877
C:\WINDOWS\system32\drivers\intelaud.sys B1F193AB8FB72E9FC34B3A39314ED872
C:\WINDOWS\system32\drivers\RTKVHD64.sys CC279B89A16615B8DD13422544F6B478
C:\WINDOWS\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\WINDOWS\System32\drivers\intelpep.sys 7AA01AB1C110916825E6E1389F1B9AF2
C:\WINDOWS\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\WINDOWS\System32\drivers\IPMIDrv.sys C800DCD904016B2BF6AB541083770A3A
C:\WINDOWS\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\WINDOWS\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\WINDOWS\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21
C:\WINDOWS\System32\drivers\msiscsi.sys AD3C1F4BD9167420F04052FDA197CF29
C:\WINDOWS\system32\DRIVERS\itecir.sys 7940C1782C703D8305F81B0449072B7B
C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys 0C70C2127D01CAD333DDF5EFE4B308AB
C:\WINDOWS\System32\drivers\iwdbus.sys DD1F43B86AD84E53203F92FD3EF3AEB6
C:\WINDOWS\System32\drivers\kbdclass.sys 5917AFE4A3F695A54B99C1849C8207FE
C:\WINDOWS\System32\drivers\kbdhid.sys 8CD840A062F6BDF41DDE3ACB96164B72
C:\WINDOWS\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\WINDOWS\System32\Drivers\ksecdd.sys 304DA394D958BC3B62AF6DF514005B01
C:\WINDOWS\System32\Drivers\ksecpkg.sys 3D4AE520CD6F6FFE549DD195C1F515BE
C:\WINDOWS\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\WINDOWS\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\WINDOWS\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\WINDOWS\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\WINDOWS\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\WINDOWS\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\WINDOWS\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4
C:\WINDOWS\system32\DRIVERS\lv302a64.sys 4A503882318BB2F59218D401614E6AF6
C:\WINDOWS\system32\DRIVERS\LVPr2M64.sys DED333DBDBBCC3555A6E6244522E2F1A
C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys DED333DBDBBCC3555A6E6244522E2F1A
C:\WINDOWS\system32\DRIVERS\lvrs64.sys 125AE13C293889001B8456CF3EB04A40
C:\WINDOWS\system32\DRIVERS\LVUSBS64.sys 5C3FF68267A5D242EE79EE01B993D6CE
C:\WINDOWS\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\WINDOWS\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 18B9AD128EC84E8D16A83F70CF36594F
C:\WINDOWS\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\WINDOWS\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\WINDOWS\System32\drivers\mouclass.sys 08374E4E5B8914DE6067CBA99F61E930
C:\WINDOWS\System32\drivers\mouhid.sys 5FCBAB60598AE119E02B4C27DE6B99EA
C:\WINDOWS\System32\drivers\mountmgr.sys 24DABC0A77FAFDC0E379AB3B30F61BB6
C:\WINDOWS\System32\drivers\mpsdrv.sys 6FC047578785B0435F4E2660946D1ADC
C:\WINDOWS\system32\drivers\mrxdav.sys 3F818C1518DA702C8F10259095C9BDE0
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys C3B0566DE49265AE98405825938C20A1
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 15D7AF1A26CCEBA32DF21A8E2098F463
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys 0790EEB1EC199F8BE8259E47B373ED23
C:\WINDOWS\system32\DRIVERS\bridge.sys F3C060444777A59FC63D920719E43CCD
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\WINDOWS\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\WINDOWS\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\WINDOWS\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\WINDOWS\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C
C:\WINDOWS\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\WINDOWS\system32\DRIVERS\mslldp.sys 51B3AC0560848CD6D65AC2033E293113
C:\WINDOWS\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\WINDOWS\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0
C:\WINDOWS\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\WINDOWS\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\WINDOWS\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\WINDOWS\System32\Drivers\mup.sys 438EA7A2D8D4F9B8AFB64748ACA70BA8
C:\WINDOWS\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\WINDOWS\system32\DRIVERS\nwifi.sys 008F7CED69FD5B30CBDE1E03C6F36A27
C:\WINDOWS\System32\drivers\ndis.sys 97DC5967F65503213FD1F1B3E4A6F983
C:\WINDOWS\system32\DRIVERS\ndiscap.sys 8CECC8DA55F3274181FD1EA28AD76664
C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 269882812E9A68FFF1AFE1283D428322
C:\WINDOWS\system32\DRIVERS\ndistapi.sys DC1D9F692C2AD84C214584C28501C1F7
C:\WINDOWS\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\WINDOWS\system32\DRIVERS\ndiswan.sys C3755FCF9A0B5C6FE8ED9E873B85D3CE
C:\WINDOWS\system32\DRIVERS\ndiswan.sys C3755FCF9A0B5C6FE8ED9E873B85D3CE
C:\Windows\System32\Drivers\NDProxy.sys B8F36CBC72FC5C8B8A30AD850165EA8E
C:\WINDOWS\System32\drivers\Ndu.sys 3083926D1CC5B56EA0786527B557DD1B
C:\WINDOWS\System32\DRIVERS\netbios.sys 42FF4975D032CAE558AE4BB8448F6E5A
C:\WINDOWS\System32\DRIVERS\netbt.sys 9DC17B7D9D84C37C102D379FCC7D4942
C:\WINDOWS\System32\drivers\netvsc63.sys D4DCE03870314D3354F3501F9DDD4123
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\WINDOWS\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\WINDOWS\System32\drivers\nsiproxy.sys 0E046FF5823B95326D10CF1B4AF23541
C:\Windows\System32\Drivers\Ntfs.sys 9980B262DBE439AE6BDC91AA985F19EE
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\WINDOWS\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\WINDOWS\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\WINDOWS\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49
C:\WINDOWS\System32\drivers\parport.sys 57DCE4FB0467986AE78E1C6FC5240D32
C:\WINDOWS\System32\drivers\partmgr.sys BAFF6122CFC9F95CA175AD8C348179A4
C:\WINDOWS\System32\drivers\pci.sys 91ED124E261EA8FAA1C0FFDF2A71B0C4
C:\WINDOWS\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\WINDOWS\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\WINDOWS\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\WINDOWS\System32\drivers\pdc.sys ED54A75050211DC77F9B98C41E026858
C:\WINDOWS\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\WINDOWS\system32\DRIVERS\LV302V64.SYS AE0B94363DA0F60D42B9D05B352F61ED
C:\Program Files\DELLOSD\PQAWDrv.sys 3191D910590F6210089498F536CFC25F
C:\WINDOWS\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F
C:\WINDOWS\system32\DRIVERS\pacer.sys FC0141B4A5AD6D637D883C1A89FC45C5
C:\WINDOWS\system32\drivers\qwavedrv.sys 83868EB2924E6BC21A54337C65D614D1
C:\WINDOWS\System32\DRIVERS\rasacd.sys B337B1F1E82A83E20A1743E008E25C0F
C:\WINDOWS\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\WINDOWS\system32\DRIVERS\rassstp.sys 41F631007A158FEBB67F0E2AD1601BBA
C:\WINDOWS\System32\DRIVERS\rdbss.sys D67ED4AB59D1EF66B05AD1A81AC28B26
C:\WINDOWS\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\WINDOWS\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\WINDOWS\System32\drivers\rdpvideominiport.sys BC8A79C625568DDB7DCA49D0C2741A64
C:\WINDOWS\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6
C:\Windows\System32\Drivers\ReFS.sys 2D39BCFA4DD1081B8F282B623456B858
C:\WINDOWS\System32\drivers\rfcomm.sys DC66AE45816614D2999DCD3834DCCC4E
C:\WINDOWS\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 19764658C1468C2C0CEF133D28414A6B
C:\WINDOWS\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\WINDOWS\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\WINDOWS\System32\DRIVERS\scfilter.sys 13BEA6C882D4D877A5A85CA149C86BC1
C:\WINDOWS\System32\drivers\sdbus.sys C54B6B2170BF628FD42F799A66956D75
C:\WINDOWS\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\WINDOWS\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\WINDOWS\System32\drivers\serenum.sys 1F0135949A6AD6025F363F80FE268251
C:\WINDOWS\System32\drivers\serial.sys 81633C87B42B63BA484A6177179AC750
C:\WINDOWS\System32\drivers\sermouse.sys 148195AE95D9BC7375A08846439FDAC1
C:\WINDOWS\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\WINDOWS\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\WINDOWS\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\WINDOWS\System32\drivers\spaceport.sys 546B88E6906EE9813EFE314DC95E3488
C:\WINDOWS\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\WINDOWS\System32\DRIVERS\srv.sys 36B082C7A764A34FB1DC72D975870B61
C:\WINDOWS\System32\DRIVERS\srv2.sys F5849909D4B29B4E3D4445F943E5C7E3
C:\WINDOWS\System32\DRIVERS\srvnet.sys FABC49666708EA562549E78E6FBF3191
C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 592FF34A2FD6C6351B8A3AA76B2C0A9E
C:\WINDOWS\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\WINDOWS\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\WINDOWS\System32\drivers\vmstorfl.sys 8B9486B64E5FC17FB9CC04CA10B77A34
C:\WINDOWS\System32\drivers\stornvme.sys 0EDD1F4D470C775740625B06A60C9DD5
C:\WINDOWS\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\WINDOWS\System32\drivers\swenum.sys 65454187E0F8B6C0DCECB0287D06EC43
C:\WINDOWS\System32\drivers\tcpip.sys 2F10C145F517419E17203632FCDA0A13
C:\WINDOWS\system32\DRIVERS\tcpip.sys 2F10C145F517419E17203632FCDA0A13
C:\WINDOWS\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\WINDOWS\system32\DRIVERS\tdx.sys E0BD2D83875464FEEEB242CBA8B7E073
C:\WINDOWS\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\WINDOWS\system32\drivers\tpm.sys 80A2FC1A089A71F2DBE5D8394FFB009F
C:\WINDOWS\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\WINDOWS\System32\drivers\TsUsbGD.sys 20185BEB7512EDE4EFECDFA148AC9F99
C:\WINDOWS\system32\DRIVERS\tunnel.sys E85916632CD3B9E9B546968DB950BF42
C:\WINDOWS\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\WINDOWS\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\WINDOWS\System32\drivers\ucx01000.sys 807F8CF3E973305FC435C61CBBEE2A49
C:\WINDOWS\System32\DRIVERS\udfs.sys C61EAF8E1E4B2F62BA4FDF457440B2C6
C:\WINDOWS\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21
C:\WINDOWS\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9
C:\WINDOWS\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\WINDOWS\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\WINDOWS\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\WINDOWS\system32\drivers\usbaudio.sys DF355EB0199198728027962DCFCDE5FB
C:\WINDOWS\System32\drivers\usbccgp.sys FF78D053A05E5A394F4E3C1816CC65A8
C:\WINDOWS\System32\drivers\usbcir.sys 0139248F6B95CF0D837B5B46A2722D40
C:\WINDOWS\System32\drivers\usbehci.sys C996CBEF922B5653A01E3F50DDCE2F86
C:\WINDOWS\System32\drivers\usbhub.sys CD81683F4553677B9BF5163A922153EB
C:\WINDOWS\System32\drivers\UsbHub3.sys 5C90D5379B53590FBB24BBAD4FA682EE
C:\WINDOWS\System32\drivers\usbohci.sys A0F0484C97D6441ED6A75D7426ECCC9E
C:\WINDOWS\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\WINDOWS\System32\drivers\usbscan.sys 0F030491BA4A27BD46F8B8ACEEE83F1A
C:\WINDOWS\System32\drivers\USBSTOR.SYS 9D168BFA334D47BE404367EB58D4E130
C:\WINDOWS\System32\drivers\usbuhci.sys FC974B03C8B87455F44F734C8F31A3C8
C:\WINDOWS\System32\Drivers\usbvideo.sys 5C8F604F6DC74177CDD8372D7B1ADFF0
C:\WINDOWS\System32\drivers\USBXHCI.SYS 44603DA5A87FB491EF59C889EBBB4DDB
C:\WINDOWS\system32\DRIVERS\usb8023x.sys 3CAAB947B1F247A570DE15983BEDEBCF
C:\WINDOWS\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\WINDOWS\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\WINDOWS\System32\drivers\vhdmp.sys 8ABB4BABF59F092DF0B43778D8FD1884
C:\WINDOWS\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\WINDOWS\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38
C:\WINDOWS\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\WINDOWS\System32\drivers\volmgr.sys 436E1A724E7E683F6B612D3D58F04241
C:\WINDOWS\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\WINDOWS\System32\drivers\volsnap.sys 17F7B0F2298D97F4B6C7A69511033D3D
C:\WINDOWS\System32\drivers\vpci.sys DAC438FB5FF85A9E72806E2341D5D732
C:\WINDOWS\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\WINDOWS\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\WINDOWS\System32\drivers\vwifibus.sys 71066FF95C487327E44C8AF1B72EBE8B
C:\WINDOWS\system32\DRIVERS\vwififlt.sys 29AB43937FFDA0B0FB56984226E698C6
C:\WINDOWS\system32\DRIVERS\vwifimp.sys 8B8624A93E3F88CB923AEB05B6313227
C:\WINDOWS\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\WINDOWS\System32\drivers\WdBoot.sys 81285DDC994F03379DB46419300B2DCB
C:\WINDOWS\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\WINDOWS\System32\drivers\WdFilter.sys 26B8FED3F3B85F5F0C4BD03FD00B9941
C:\WINDOWS\System32\Drivers\WdNisDrv.sys CE67080F00E0AF32755096CEA6430ABA
C:\WINDOWS\System32\DRIVERS\wfplwfs.sys 715ABA3DD164D06457A2A3C92F6EA9D5
C:\WINDOWS\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620
C:\WINDOWS\System32\drivers\WinUsb.sys 3AF1FA17F1C4ACBDB660D8F98B1A9C13
C:\WINDOWS\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\WINDOWS\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\WINDOWS\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\WINDOWS\System32\drivers\WSDPrint.sys F586F3F1BF962FE9AE4316E0D896B22F
C:\WINDOWS\system32\DRIVERS\WSDScan.sys 58035FD3369879E02D65989C44D27450
C:\WINDOWS\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
C:\WINDOWS\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\WINDOWS\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\WINDOWS\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-30 16:34 - 2017-01-30 16:35 - 00053091 _____ C:\Users\Janet\Downloads\FRST.txt
2017-01-30 16:33 - 2017-01-30 16:34 - 00000000 ____D C:\FRST
2017-01-30 16:33 - 2017-01-30 16:33 - 02420736 _____ (Farbar) C:\Users\Janet\Downloads\FRST64.exe
2017-01-28 13:39 - 2017-01-28 14:07 - 00064898 _____ C:\WINDOWS\ntbtlog.txt
2017-01-28 09:46 - 2017-01-28 09:46 - 00497432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-27 20:48 - 2017-01-30 16:11 - 00000000 ____D C:\Users\Janet\AppData\Local\ElevatedDiagnostics
2017-01-27 20:47 - 2017-01-27 20:47 - 00165671 _____ C:\Users\Janet\Downloads\latestwu.diagcab
2017-01-27 20:47 - 2017-01-27 20:47 - 00165671 _____ C:\Users\Janet\Downloads\latestwu (1).diagcab
2017-01-26 10:16 - 2017-01-26 10:16 - 00066744 _____ C:\Users\Janet\Desktop\vp222.pdf
2017-01-26 09:03 - 2017-01-27 16:14 - 00004974 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for HOMEOFFICE-Vapor 2 HomeOffice
2017-01-26 08:49 - 2017-01-26 08:49 - 03666416 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\gkall2013-kb2760544-fullfile-x64-glb.exe
2017-01-26 08:42 - 2017-01-26 08:43 - 460681368 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\projectsp2013-kb2817433-fullfile-x64-en-us.exe
2017-01-26 08:27 - 2017-01-26 08:27 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-01-26 08:27 - 2017-01-26 08:27 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-01-25 13:19 - 2017-01-25 13:19 - 21681421 _____ C:\Users\Janet\Downloads\handy-pro-1.13.1 (1).apk
2017-01-23 16:16 - 2017-01-28 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-01-23 16:15 - 2017-01-23 16:15 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-23 16:15 - 2017-01-23 16:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2017-01-23 16:14 - 2017-01-23 16:15 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-23 16:14 - 2017-01-23 16:14 - 00000000 __RHD C:\MSOCache
2017-01-23 16:12 - 2017-01-23 16:12 - 339799344 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\sharepointdesigner_64bit.exe
2017-01-23 16:00 - 2017-01-23 16:00 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002400 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002388 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-01-23 16:00 - 2017-01-23 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
2017-01-23 16:00 - 2017-01-23 16:00 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-23 15:48 - 2017-01-23 15:48 - 03907384 _____ (Microsoft Corporation) C:\Users\Janet\Downloads\Setup.X86.en-us_O365ProPlusRetail_092a201a-fb23-4698-b52b-2efc73b17ccb_TX_PR_b_32_.exe
2017-01-23 12:21 - 2017-01-23 12:21 - 21681421 _____ C:\Users\Janet\Downloads\handy-pro-1.13.1.apk
2017-01-21 19:34 - 2017-01-21 19:34 - 00007149 _____ C:\Users\Janet\Downloads\resume (1).pdf
2017-01-21 13:39 - 2016-12-22 14:42 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-01-21 13:39 - 2016-12-22 14:42 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-21 13:22 - 2016-12-01 06:13 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-01-21 13:22 - 2016-12-01 06:13 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-01-21 13:22 - 2016-12-01 06:11 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-01-21 13:22 - 2016-12-01 06:11 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-01-21 13:22 - 2016-10-20 05:14 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-01-21 13:22 - 2016-10-20 05:10 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-01-21 13:20 - 2016-11-19 13:24 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-21 13:20 - 2016-11-19 13:24 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-01-21 13:20 - 2016-11-19 11:29 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-01-21 13:20 - 2016-11-19 10:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-01-21 13:20 - 2016-11-19 09:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-01-21 13:20 - 2016-11-19 09:22 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-01-21 13:20 - 2016-11-16 13:49 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-01-21 13:20 - 2016-11-12 13:06 - 00738104 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2017-01-21 13:20 - 2016-11-12 11:38 - 00613632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2017-01-21 13:20 - 2016-11-12 11:25 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-01-21 13:20 - 2016-11-12 11:08 - 25759744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-21 13:20 - 2016-11-12 11:07 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-01-21 13:20 - 2016-11-12 10:53 - 06049280 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-01-21 13:20 - 2016-11-12 10:29 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-01-21 13:20 - 2016-11-12 10:23 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-01-21 13:20 - 2016-11-12 10:17 - 20302848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-21 13:20 - 2016-11-12 10:14 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-01-21 13:20 - 2016-11-12 10:10 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-01-21 13:20 - 2016-11-12 09:45 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-01-21 13:20 - 2016-11-12 09:41 - 15257088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-01-21 13:20 - 2016-11-12 09:38 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-01-21 13:20 - 2016-11-12 09:37 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-01-21 13:20 - 2016-11-12 09:35 - 02920960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-01-21 13:20 - 2016-11-12 09:21 - 13653504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-01-21 13:20 - 2016-11-12 09:20 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-01-21 13:20 - 2016-11-12 09:11 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-01-21 13:20 - 2016-11-12 09:05 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-01-21 13:20 - 2016-11-12 09:02 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-01-21 13:20 - 2016-11-12 09:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-01-21 13:20 - 2016-11-10 18:33 - 01541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-01-21 13:20 - 2016-11-09 09:25 - 01376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-01-21 13:20 - 2016-11-05 12:46 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-01-21 13:20 - 2016-11-05 10:35 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-01-21 13:20 - 2016-11-05 09:57 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-01-21 13:20 - 2016-11-05 09:11 - 03606528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-01-21 13:20 - 2016-11-05 07:56 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-01-21 13:20 - 2016-11-05 07:46 - 02463744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-01-21 13:20 - 2016-11-02 12:48 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-01-21 13:20 - 2016-11-02 12:48 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-01-21 13:20 - 2016-11-02 06:03 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-01-21 13:20 - 2016-11-02 06:00 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-01-21 13:20 - 2016-10-27 18:56 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-01-21 13:20 - 2016-10-27 10:51 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-01-21 13:20 - 2016-10-27 10:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-01-21 13:20 - 2016-10-27 10:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-01-21 13:20 - 2016-10-27 10:05 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-01-21 13:20 - 2016-10-27 09:49 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-01-21 13:20 - 2016-10-27 09:47 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-01-21 13:20 - 2016-10-27 09:46 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-21 13:20 - 2016-10-27 09:44 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-01-21 13:20 - 2016-10-27 06:28 - 01097728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-01-21 13:20 - 2016-10-22 09:34 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-01-21 13:20 - 2016-10-22 09:27 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-01-21 13:20 - 2016-10-22 08:58 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-01-21 13:20 - 2016-10-22 08:57 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-01-21 13:20 - 2016-10-22 08:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-01-21 13:20 - 2016-10-22 08:46 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-01-21 13:20 - 2016-10-22 08:45 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-01-21 13:20 - 2016-10-22 08:43 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-01-21 13:20 - 2016-10-13 11:06 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-01-21 13:20 - 2016-10-13 11:06 - 01124376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-01-21 13:20 - 2016-10-12 13:49 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-01-21 13:20 - 2016-10-12 13:11 - 00922968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2017-01-21 13:20 - 2016-10-11 12:21 - 00497448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-01-21 13:20 - 2016-10-11 12:21 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-01-21 13:20 - 2016-10-11 10:34 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-01-21 13:20 - 2016-10-11 09:47 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-01-21 13:20 - 2016-10-11 08:55 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-01-21 13:20 - 2016-10-11 08:45 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-01-21 13:20 - 2016-10-10 15:31 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-01-21 13:20 - 2016-10-10 13:17 - 00444248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-21 13:20 - 2016-10-10 13:17 - 00333656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-21 13:20 - 2016-10-10 10:18 - 00069976 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-01-21 13:20 - 2016-10-10 10:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2017-01-21 13:20 - 2016-10-09 14:59 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-21 13:20 - 2016-10-09 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2017-01-21 13:20 - 2016-10-09 06:08 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2017-01-21 13:20 - 2016-10-09 06:08 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2017-01-21 13:20 - 2016-10-08 14:53 - 03754496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2017-01-21 13:20 - 2016-10-08 14:24 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-01-21 13:20 - 2016-10-08 14:21 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-21 13:20 - 2016-10-08 14:18 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-01-21 13:20 - 2016-10-08 14:07 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2017-01-21 13:20 - 2016-10-08 13:49 - 02410496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2017-01-21 13:20 - 2016-10-08 13:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-01-21 13:20 - 2016-10-08 13:21 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2017-01-21 13:20 - 2016-10-08 13:10 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-21 13:20 - 2016-10-07 17:34 - 01660040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-01-21 13:20 - 2016-10-07 17:34 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-01-21 13:20 - 2016-10-05 06:01 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-01-21 13:20 - 2016-10-05 06:00 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-01-21 13:20 - 2016-10-05 06:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2017-01-21 13:20 - 2016-10-05 05:52 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-01-21 13:20 - 2016-10-05 05:52 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2017-01-21 13:20 - 2016-10-04 20:15 - 01969944 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-01-21 13:20 - 2016-10-04 20:15 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-01-21 13:20 - 2016-10-04 20:15 - 00324896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-01-21 13:20 - 2016-10-04 20:15 - 00245320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-01-21 13:20 - 2016-10-04 12:39 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2017-01-21 13:20 - 2016-10-04 12:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-01-21 13:20 - 2016-10-04 12:08 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-01-21 13:20 - 2016-10-04 12:08 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-01-21 13:20 - 2016-09-30 16:22 - 07444312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-21 13:20 - 2016-09-27 12:16 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-01-21 13:20 - 2016-09-20 14:30 - 02462040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-01-21 13:20 - 2016-09-17 10:16 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2017-01-21 13:20 - 2016-09-17 09:21 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2017-01-21 13:20 - 2016-09-13 17:53 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-01-21 13:20 - 2016-09-13 17:53 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-01-21 13:20 - 2016-09-13 17:53 - 01490112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-01-21 13:20 - 2016-09-13 17:53 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-01-21 13:20 - 2016-09-12 14:03 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-01-21 13:20 - 2016-09-12 13:01 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-01-21 13:20 - 2016-09-09 14:14 - 00275800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-01-21 13:20 - 2016-09-09 06:15 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-01-21 13:20 - 2016-09-09 06:09 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-01-21 13:20 - 2016-09-09 06:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-01-21 13:20 - 2016-09-09 06:03 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2017-01-21 13:20 - 2016-09-09 06:02 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2017-01-21 13:20 - 2016-09-08 12:41 - 00121176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-01-21 13:20 - 2016-09-08 06:00 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2017-01-21 13:20 - 2016-09-08 06:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-01-21 13:20 - 2016-09-07 14:07 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-01-21 13:20 - 2016-09-07 13:59 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-01-21 13:20 - 2016-09-07 13:59 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-01-21 13:20 - 2016-09-07 13:57 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-01-21 13:20 - 2016-09-07 13:56 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-01-21 13:20 - 2016-09-03 10:20 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsidsc.dll
2017-01-21 13:20 - 2016-09-03 10:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-01-21 13:20 - 2016-09-03 09:21 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsidsc.dll
2017-01-21 13:20 - 2016-09-03 08:12 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-01-21 13:20 - 2016-09-03 08:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-01-21 13:20 - 2016-09-03 07:58 - 00397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-01-21 13:20 - 2016-09-02 06:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2017-01-21 13:20 - 2016-09-02 06:05 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2017-01-21 13:20 - 2016-09-01 06:33 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2017-01-21 13:20 - 2016-09-01 06:33 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2017-01-21 13:20 - 2016-09-01 06:31 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2017-01-21 13:20 - 2016-08-30 06:11 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-01-21 13:20 - 2016-08-29 18:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xolehlp.dll
2017-01-21 13:20 - 2016-08-29 18:18 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-01-21 13:20 - 2016-08-29 18:18 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-01-21 13:20 - 2016-08-29 18:03 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-01-21 13:20 - 2016-08-25 12:50 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-01-21 13:20 - 2016-08-25 11:40 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-01-21 13:20 - 2016-08-22 05:34 - 01628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-01-21 13:20 - 2016-08-12 16:05 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2017-01-21 13:20 - 2016-08-12 16:03 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifibus.sys
2017-01-21 13:20 - 2016-08-12 16:02 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2017-01-21 13:20 - 2016-08-12 16:01 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-01-21 13:20 - 2016-08-12 14:35 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2017-01-21 13:20 - 2016-08-12 14:19 - 09323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2017-01-21 13:20 - 2016-08-12 13:47 - 15431168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-01-21 13:20 - 2016-08-12 13:17 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2017-01-21 13:20 - 2016-08-12 12:52 - 13317120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-01-21 13:20 - 2016-08-11 17:58 - 02315496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-01-21 13:20 - 2016-08-11 17:58 - 01946176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-01-21 13:20 - 2016-08-11 10:33 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\parport.sys
2017-01-21 13:20 - 2016-08-11 10:33 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2017-01-21 13:20 - 2016-08-11 10:33 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serenum.sys
2017-01-21 13:20 - 2016-08-11 09:17 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-01-21 13:20 - 2016-08-03 07:42 - 01317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-01-21 13:20 - 2016-08-03 07:36 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-01-21 13:20 - 2016-08-03 07:36 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-01-21 13:20 - 2016-08-03 07:33 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-01-21 13:20 - 2016-07-30 09:12 - 02896384 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2017-01-21 13:20 - 2016-07-30 08:36 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2017-01-21 13:20 - 2016-07-26 05:40 - 00162850 _____ C:\WINDOWS\SysWOW64\C_932.NLS
2017-01-21 13:20 - 2016-07-26 05:40 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2017-01-21 13:20 - 2016-07-23 10:18 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-01-21 13:20 - 2016-07-23 10:12 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-01-21 13:19 - 2016-08-20 15:22 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-01-21 13:19 - 2016-08-20 14:50 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-01-21 13:19 - 2016-08-09 14:47 - 00803176 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-01-21 13:19 - 2016-08-09 14:47 - 00611576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-01-21 13:19 - 2016-08-04 06:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-01-21 13:19 - 2016-08-03 10:06 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-01-21 13:19 - 2016-08-03 10:05 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-01-21 13:18 - 2016-08-27 11:44 - 22360288 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-21 13:18 - 2016-08-27 11:44 - 02755504 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-01-21 13:18 - 2016-08-27 11:44 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\RestoreOptIn.exe
2017-01-21 13:18 - 2016-08-27 10:26 - 19789232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-21 13:18 - 2016-08-27 10:26 - 02411048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-01-21 13:18 - 2016-08-27 10:26 - 00113656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RestoreOptIn.exe
2017-01-21 13:18 - 2016-08-27 08:33 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-01-21 13:18 - 2016-08-27 08:11 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-01-21 13:18 - 2016-08-27 08:09 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-21 13:18 - 2016-08-27 07:55 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-21 13:18 - 2016-08-22 08:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-01-21 13:18 - 2016-08-22 08:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-01-21 13:18 - 2016-08-20 17:03 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-01-21 13:18 - 2016-08-20 17:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-01-21 13:18 - 2016-08-20 14:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-01-21 13:18 - 2016-08-12 23:40 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-01-21 13:18 - 2016-08-12 16:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-01-21 13:18 - 2016-08-11 08:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-01-21 13:18 - 2016-08-11 08:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-01-21 13:18 - 2016-08-11 08:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-01-21 12:39 - 2016-08-20 15:45 - 07076864 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-01-21 12:39 - 2016-08-20 15:05 - 05273600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-01-21 12:39 - 2016-08-20 14:42 - 07795712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-01-21 12:39 - 2016-08-20 14:27 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-01-21 11:57 - 2017-01-21 12:26 - 00021504 _____ C:\WINDOWS\system32\umstartup.etl
2017-01-20 06:09 - 2017-01-20 06:09 - 00000000 ____D C:\Users\Janet\AppData\Local\Avg2015
2017-01-19 13:33 - 2017-01-19 13:33 - 00252104 _____ (Facebook) C:\Users\Janet\Downloads\FacebookGameroom.exe
2017-01-19 13:33 - 2017-01-19 13:33 - 00252104 _____ (Facebook) C:\Users\Janet\Downloads\FacebookGameroom (2).exe
2017-01-19 13:33 - 2017-01-19 13:33 - 00252104 _____ (Facebook) C:\Users\Janet\Downloads\FacebookGameroom (1).exe
2017-01-18 09:28 - 2017-01-18 09:34 - 00000000 ____D C:\Users\Vapor 2\Documents\Profile1
2017-01-15 20:49 - 2017-01-15 20:49 - 00003505 _____ C:\Users\Janet\Desktop\ltr resume.txt
2017-01-15 19:44 - 2017-01-15 19:50 - 00000000 ____D C:\Users\Janet\Desktop\Cover ltr & Resume
2017-01-13 16:47 - 2017-01-15 20:14 - 00000000 ____D C:\Users\Janet\Documents\Janet
2017-01-12 22:38 - 2017-01-12 22:38 - 00099987 _____ C:\Users\Janet\Desktop\OHClaim.pdf
2017-01-12 21:59 - 2017-01-12 21:59 - 00130170 _____ C:\Users\Janet\Desktop\faith background.pdf
2017-01-10 16:15 - 2017-01-10 16:15 - 21639159 _____ C:\Users\Janet\Desktop\Printing Your Coupons _ Coupons.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-30 16:35 - 2013-07-14 00:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-30 16:33 - 2015-04-25 20:19 - 00000428 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2017-01-30 16:22 - 2013-07-13 23:45 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2419766067-897465512-1457611607-1001
2017-01-30 16:17 - 2014-06-15 21:55 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-30 16:11 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-30 16:05 - 2016-01-14 22:05 - 00000296 _____ C:\WINDOWS\Tasks\UpdateTask.job
2017-01-30 15:27 - 2015-06-23 19:57 - 00000000 ____D C:\ProgramData\softthinks
2017-01-30 15:27 - 2013-04-27 07:42 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-01-30 15:23 - 2015-07-25 16:32 - 00002836 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2419766067-897465512-1457611607-1001
2017-01-30 15:22 - 2014-03-13 14:13 - 00000000 ___DO C:\Users\Janet\SkyDrive
2017-01-30 15:19 - 2012-07-25 23:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-28 15:14 - 2016-06-24 07:24 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-01-28 14:36 - 2013-08-22 06:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-28 10:01 - 2013-09-29 20:04 - 01005208 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-28 10:01 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\Inf
2017-01-28 09:43 - 2013-08-22 07:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-27 11:22 - 2016-05-06 23:37 - 00000000 ____D C:\Users\Janet\AppData\Roaming\Kodi
2017-01-27 05:38 - 2013-12-11 13:48 - 00000000 ____D C:\Users\Janet
2017-01-26 13:57 - 2015-10-12 12:29 - 00000000 ____D C:\ProgramData\Avg
2017-01-26 13:57 - 2015-10-06 10:32 - 00000000 ____D C:\Users\Janet\AppData\Local\AvgSetupLog
2017-01-26 13:57 - 2015-07-14 10:29 - 00000000 ____D C:\Program Files (x86)\AVG
2017-01-26 13:56 - 2013-09-21 14:10 - 00000000 ____D C:\Users\Janet\AppData\Local\Facebook
2017-01-26 13:54 - 2015-03-21 21:54 - 00000000 ____D C:\ProgramData\iolo
2017-01-26 09:53 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-26 09:32 - 2016-05-10 03:38 - 00000000 ____D C:\found.000
2017-01-26 08:58 - 2016-01-14 22:24 - 00014576 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMScan
2017-01-26 08:58 - 2016-01-14 22:24 - 00009238 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMUpdater
2017-01-26 08:58 - 2016-01-14 22:24 - 00009224 _____ C:\WINDOWS\System32\Tasks\Driver Support-RTMRules
2017-01-26 08:56 - 2014-06-17 11:13 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-01-26 08:54 - 2013-08-22 05:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-26 08:32 - 2013-08-22 07:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-26 08:32 - 2013-07-13 23:36 - 00000000 ____D C:\Users\Janet\AppData\Local\Packages
2017-01-26 07:58 - 2015-08-13 11:21 - 00000000 ____D C:\Users\Janet\AppData\Local\Avg
2017-01-26 07:58 - 2015-07-14 10:17 - 00000000 ____D C:\ProgramData\MFAData
2017-01-26 07:53 - 2012-07-26 00:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-26 07:49 - 2013-12-11 14:18 - 00000000 ____D C:\Users\Janet\AppData\Local\Deployment
2017-01-26 07:48 - 2014-06-15 19:36 - 00000000 ____D C:\ProgramData\Citrix
2017-01-26 07:48 - 2014-06-15 19:35 - 00000000 ____D C:\Program Files (x86)\Citrix
2017-01-26 07:47 - 2014-06-15 19:35 - 00000000 ____D C:\Users\Janet\AppData\Local\Citrix
2017-01-26 05:14 - 2016-10-13 00:18 - 00000374 _____ C:\WINDOWS\Tasks\PC Health Advisor Update.job
2017-01-24 12:25 - 2015-07-14 10:49 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2017-01-24 06:37 - 2013-07-31 13:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-23 16:16 - 2013-08-22 07:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-21 13:37 - 2013-07-15 20:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-01-21 13:37 - 2013-07-15 20:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-01-21 13:34 - 2013-08-22 07:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-01-21 13:34 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-21 13:29 - 2013-08-07 11:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-21 13:25 - 2015-07-15 10:56 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-21 13:25 - 2013-07-15 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-01-21 12:32 - 2016-06-24 07:24 - 00003864 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-01-21 12:32 - 2014-07-27 14:45 - 00000000 ____D C:\Users\Janet\AppData\Local\Adobe
2017-01-21 12:32 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-21 12:32 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-21 12:32 - 2013-07-14 00:09 - 00003582 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-01-21 12:10 - 2016-02-03 13:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-21 12:10 - 2015-05-21 12:07 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-21 11:50 - 2013-08-22 05:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-01-21 04:31 - 2016-09-07 08:13 - 00001315 _____ C:\Users\Janet\Desktop\jlmid 001.jpg - Shortcut.lnk
2017-01-20 06:09 - 2015-07-14 10:49 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2017-01-20 06:09 - 2015-07-14 10:49 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2017-01-18 09:34 - 2013-04-27 09:06 - 00000000 __SHD C:\System Recovery
2017-01-18 07:29 - 2016-12-07 15:00 - 00003180 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 07:29 - 2016-04-20 17:44 - 00002342 _____ C:\Users\Janet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-01-18 07:29 - 2014-02-20 04:36 - 00003188 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2419766067-897465512-1457611607-1001
2017-01-18 07:24 - 2016-01-14 22:24 - 00003484 _____ C:\WINDOWS\System32\Tasks\Driver Support
2017-01-18 07:24 - 2016-01-14 22:24 - 00000000 ____D C:\ProgramData\UAB
2017-01-18 07:24 - 2016-01-14 22:20 - 00000000 ____D C:\Program Files (x86)\Driver Support
2017-01-15 23:23 - 2014-08-08 11:51 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-15 23:23 - 2014-01-11 13:34 - 00000000 ____D C:\Users\QBPOSDBSrvUser
2017-01-15 23:22 - 2016-08-26 00:03 - 00000000 ____D C:\Users\Janet\AppData\Roaming\ICAClient
2017-01-15 23:22 - 2014-04-09 13:35 - 00000000 ____D C:\Users\Janet\AppData\Local\Microsoft Help
2017-01-15 23:22 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\SystemResources
2017-01-15 23:22 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\Globalization
2017-01-15 23:22 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-15 23:22 - 2013-08-22 05:36 - 00000000 ____D C:\WINDOWS\servicing
2017-01-15 23:14 - 2013-08-22 07:36 - 00000000 ____D C:\WINDOWS\registration
2017-01-15 23:08 - 2013-04-27 07:38 - 00000000 ____D C:\ProgramData\PCDr
2017-01-13 16:55 - 2015-08-31 01:02 - 00000000 ____D C:\Users\Janet\Documents\David Mich
2017-01-13 16:55 - 2013-07-31 17:21 - 00000000 ____D C:\Users\Janet\Documents\Custom Office Templates
==================== Files in the root of some directories =======
2014-01-11 13:55 - 2014-01-11 13:55 - 0000093 _____ () C:\Users\Janet\AppData\Local\fusioncache.dat
2014-07-24 16:52 - 2016-03-02 14:48 - 0007608 _____ () C:\Users\Janet\AppData\Local\resmon.resmoncfg
2015-07-12 11:35 - 2015-07-12 11:35 - 0000000 _____ () C:\Users\Janet\AppData\Local\Temp.dat
2015-04-23 19:34 - 2015-04-23 19:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-15 22:00 - 2014-06-15 22:00 - 6696936 _____ (Dell ) C:\ProgramData\Dell Click 2 Fix+-64-bit-V2546.exe
2014-06-15 19:38 - 2014-06-15 19:41 - 6729688 _____ (Dell ) C:\ProgramData\Dell Click 2 Fix-64-bit-V2546.exe
2014-04-10 11:43 - 2016-07-03 17:38 - 0005740 _____ () C:\ProgramData\hpzinstall.log
2016-01-15 23:44 - 2016-01-15 23:44 - 1134080 _____ () C:\ProgramData\TrezaaSetupx30039.msi
2013-04-27 07:42 - 2013-04-27 07:42 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-04-27 07:39 - 2013-04-27 07:40 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-04-27 07:40 - 2013-04-27 07:41 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-04-27 07:39 - 2013-04-27 07:39 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-04-27 07:41 - 2013-04-27 07:42 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Files to move or delete:
====================
C:\ProgramData\Dell Click 2 Fix+-64-bit-V2546.exe
C:\ProgramData\Dell Click 2 Fix-64-bit-V2546.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== BCD ================================
Firmware Boot Manager
---------------------
identifier {fwbootmgr}
displayorder {bootmgr}
{513644df-dc41-11e6-bf2f-806e6f6e6963}
{513644e0-dc41-11e6-bf2f-806e6f6e6963}
timeout 1
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale en-US
inherit {globalsettings}
integrityservices Enable
default {current}
resumeobject {d9419594-af62-11e2-8eeb-a41f7275f882}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Firmware Application (101fffff)
-------------------------------
identifier {513644df-dc41-11e6-bf2f-806e6f6e6963}
description SATA PM: ST1000DM003-1CH162
Firmware Application (101fffff)
-------------------------------
identifier {513644e0-dc41-11e6-bf2f-806e6f6e6963}
description SATA SM: PLDS DVD+/-RW DS-8A9SH
Windows Boot Loader
-------------------
identifier {88d41bea-af4e-11e2-901a-a41f7275f882}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{88d41beb-af4e-11e2-901a-a41f7275f882}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{88d41beb-af4e-11e2-901a-a41f7275f882}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Windows Boot Loader
-------------------
identifier {d9419591-af62-11e2-8eeb-a41f7275f882}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d9419592-af62-11e2-8eeb-a41f7275f882}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{d9419592-af62-11e2-8eeb-a41f7275f882}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 8.1
locale en-US
inherit {bootloadersettings}
recoverysequence {d9419596-af62-11e2-8eeb-a41f7275f882}
integrityservices Enable
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {d9419594-af62-11e2-8eeb-a41f7275f882}
nx OptIn
bootmenupolicy Standard
Windows Boot Loader
-------------------
identifier {d9419596-af62-11e2-8eeb-a41f7275f882}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{d9419597-af62-11e2-8eeb-a41f7275f882}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale en-US
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{d9419597-af62-11e2-8eeb-a41f7275f882}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Resume from Hibernate
---------------------
identifier {88d41be8-af4e-11e2-901a-a41f7275f882}
device partition=C:
path \Windows\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {d9419591-af62-11e2-8eeb-a41f7275f882}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Resume from Hibernate
---------------------
identifier {d9419594-af62-11e2-8eeb-a41f7275f882}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {d9419596-af62-11e2-8eeb-a41f7275f882}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems No
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {88d41beb-af4e-11e2-901a-a41f7275f882}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Device options
--------------
identifier {d9419592-af62-11e2-8eeb-a41f7275f882}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
Device options
--------------
identifier {d9419593-af62-11e2-8eeb-a41f7275f882}
description Windows Setup
ramdisksdidevice partition=C:
ramdisksdipath \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
Device options
--------------
identifier {d9419597-af62-11e2-8eeb-a41f7275f882}
description Windows Recovery
ramdisksdidevice unknown
ramdisksdipath \Recovery\WindowsRE\boot.sdi
LastRegBack: 2016-03-10 12:00
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by Vapor 2 (30-01-2017 16:36:15)
Running from C:\Users\Janet\Downloads
Windows 8.1 (Update) (X64) (2013-12-11 22:16:46)
Boot Mode: Normal
==========================================================