CammyKretschmar Posted February 19, 2019 Report Share Posted February 19, 2019 Please help me cleaning my computer. Link to post Share on other sites
flashh4 Posted February 19, 2019 Report Share Posted February 19, 2019 Will be right back with instructions ! Link to post Share on other sites
flashh4 Posted February 19, 2019 Report Share Posted February 19, 2019 Howdy Cammy and welcome to BestTechie !!! My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer. Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !! If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !! Perform all actions in the order given. Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up ! Do Not Remove anything or run any tools/programs until advised to do so ! Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections. If you think you have similar problems, please post a log in the Malware Removal forum and wait for help. =================================== Run these programs & post the logs for me !! " AdwCleaner " - Fix Mode * Download AdwCleaner and move it to your Desktop >>> https://redirect.viglink.com/?format=go&jsonp=vglnk_153499349896414&key=bf4adfcbb328b51c165afd7f95bfc060&libId=jl5zbctz010000j1000DL5lh1777x&loc=https%3A%2F%2Fforums.whatthetech.com%2Findex.php%3Fshowtopic%3D131542&v=1&out=http%3A%2F%2Fwww.bleepingcomputer.com%2Fdownload%2Fadwcleaner%2Fdl%2F125%2F&ref=https%3A%2F%2Fforums.whatthetech.com%2Findex.php%3Fs%3Dad4ec49e3bd2fd3367a33c901a13c3c6%26showforum%3D27&title=Potentially Infected%3F Targeted by an Email Scam - Virus%2C Spyware %26 Malware Removal&txt=<strong>AdwCleaner<%2Fstrong> <<< * Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) * Accept the EULA (I accept), then click on Scan * Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes * Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it * After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply =============================== " Malwarebytes Anti-Malware " * Please download the Malwarebytes Anti-Malware >>> https://www.malwarebytes.com/mwb-download/thankyou/ <<< setup file to your Desktop. OR from this location Here >>>> https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ * Open mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. * Windows Vista, Windows 7 , 8, 8.1 and 10 : Right click and select "Run as Administrator" * After the installation IS complete let it update if it asks. * Under SETTINGS.....APPLICATIONS leave everything at default * Under SETTINGS.....PROTECTION make sure AUTOMATIC QUARANTINE is on. * Then go to the Dashboard and click on SCAN NOW * Then on the Dashboard click on Scan * Make sure to select THREAT SCAN * Then click on Scan Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. * If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes. * Upon completion of the scan (or after the reboot), click the Reports tab. * Double-click the Scan Log. * At the bottom click Export and choose Text file. Save the file to your desktop and include its content in your next reply. Thanks Chuck Link to post Share on other sites
CammyKretschmar Posted February 19, 2019 Author Report Share Posted February 19, 2019 # ------------------------------- # Malwarebytes AdwCleaner 7.2.7.0 # ------------------------------- # Build: 01-30-2019 # Database: 2019-02-19.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-19-2019 # Duration: 00:00:01 # OS: Windows 10 Home # Cleaned: 30 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\translation.babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dictionary.babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\translation.babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dictionary.babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\babylon-software.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driversupport.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\download.driversupport.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driversupport.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\download.driversupport.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ak.staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ak.staticimgfarm.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\yourtango.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.yourtango.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\yourtango.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.yourtango.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\artquiltsmadeeasy.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\artquiltsmadeeasy.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [8266 octets] - [19/02/2019 13:50:23] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## Link to post Share on other sites
flashh4 Posted February 19, 2019 Report Share Posted February 19, 2019 Good job Cammy on to the next program !! Chuck Link to post Share on other sites
CammyKretschmar Posted February 19, 2019 Author Report Share Posted February 19, 2019 Malwarebytes scan is okay Link to post Share on other sites
flashh4 Posted February 19, 2019 Report Share Posted February 19, 2019 OK .... cool ! One more scan then i will write up a fix to clean everything in the registery !! This is the correct site Cammy ..... so sorry !! This must be run using FireFox Browser !! Download OldTimer to your desk top ! Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ If you already have a copy of OTL delete it and use this version. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). * Double click OTL.exe to launch the program. * Check the following. o Scan all users. o Standard Output. o Lop check. o Purity check. oExtra Registry > Use SafeList * Under Extra Registry section, select Use SafeList * Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins). * When finished it will produce two logs. o OTL.txt (open on your desktop). o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL. * Please post me both logs. This may have to be broken into more than one post ! Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Extras.Txt OTL.Txt Extras TXT OTL Extras logfile created on: 2/19/2019 3:44:21 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cammy\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.17763.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.98 Gb Total Physical Memory | 4.09 Gb Available Physical Memory | 51.23% Memory free 10.36 Gb Paging File | 5.88 Gb Available in Paging File | 56.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465.22 Gb Total Space | 368.99 Gb Free Space | 79.31% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: DESKTOP-10GNTI1 | User Name: Cammy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation) Directory [UpdateEncryptionSettings] -- Reg Error: Key error. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) htmlfile [opennew] -- Reg Error: Key error. http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation) Directory [UpdateEncryptionSettings] -- Reg Error: Key error. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature] "DisableAvCheck" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP\3d67b584-9973-48d2-8f7c-5b2f87ecfccc] "GUID" = 3d67b584-9973-48d2-8f7c-5b2f87ecfccc "CALLINGBINARY" = C:\Users\Cammy\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation) "NAMESPACE" = C:\Users\Cammy\OneDrive -- [2019/02/19 13:57:42 | 000,000,000 | R--D | M] "DISPLAYNAME" = OneDrive "EXEPATH" = C:\Users\Cammy\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation) "ACCOUNTNAME" = Microsoft Account "USERSID" = S-1-5-21-58813982-3221096879-2923320769-1001 "TYPE" = 0 "SIGNED" = 1 "FLAGS" = 0 "STATE" = 0 "RESTOREURL" = https://onedrive.live.com?v=restore&suggestedRestoreDate=2019-02-19T20:57:41Z 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 7C 54 66 C7 CF 9E D4 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature] "DisableAvCheck" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{6D18CA13-232F-4A62-9DFE-9B8921372B16}" = lport=30861 | protocol=6 | dir=in | name=avastutilityport | "{7DF62301-662A-4430-A8EC-F1D128C82EA2}" = lport=30871 | protocol=6 | dir=in | name=avastutilityport | "{83DCA66A-679C-40E2-94B4-E513363DFD53}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | "{C4DAE1B3-2C1E-41DB-BEF7-57D760CDB75C}" = lport=30869 | protocol=6 | dir=in | name=avastutilityport | "{EA1AC539-9408-49ED-B10D-BA621CC77951}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{EB50CD6A-B35C-4D90-9234-282A434B6B1D}" = lport=30870 | protocol=6 | dir=in | name=avastutilityport | "{F721177D-1D16-41E9-A932-CA97F59D4191}" = lport=4158 | protocol=6 | dir=in | name=avastutilityport | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01AF3091-BAF3-4314-914C-4BA3B95DAE38}" = dir=in | name=microsoft sticky notes | "{033D0C8F-2D46-4039-8759-26DF2C454747}" = dir=out | name=microsoft solitaire collection | "{0505C8CE-1940-4642-9C3D-E8D7ADF3863A}" = dir=out | name=@{microsoft.windows.cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{05392EBD-412F-4FE7-A24F-A716B7475B37}" = dir=out | name=xbox | "{0AC36D7C-49B5-4A02-A039-73419659C59D}" = dir=out | name=@{microsoft.microsoftofficehub_17.10314.31700.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{0BCDF423-5A0B-4E34-88BB-E7DEBD669479}" = dir=in | name=@{microsoft.windowsstore_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{0DA8F514-9C38-4A7F-9674-4D0230A209DC}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{14691062-0113-4717-8103-571D839B6612}" = dir=in | name=@{microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{19ABBE66-E48B-40A5-9D8C-6B4D980BC443}" = dir=in | name=hp smart | "{1B648D2F-85AC-43C6-B636-937D90A2BA91}" = dir=out | name=@{microsoft.gethelp_10.1706.13371.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.gethelp/resources/appdisplayname} | "{20319736-09D9-43C6-A0A5-D1CEFD121895}" = dir=out | name=dolby access | "{2295C76B-50EF-49D1-9655-D69E8563E388}" = dir=out | name=@{microsoft.windows.photos_2019.18114.17710.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{25CD812A-07B6-4A67-B999-3D9D25BCF344}" = dir=out | name=@{microsoft.windows.sechealthui_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.sechealthui/resources/packagedisplayname} | "{2876DAC7-898F-4B46-A638-4F8734F2789E}" = dir=out | name=@{microsoft.windowsmaps_5.1811.3233.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | "{2C5EB220-A6D9-47D0-AD98-87D0BBC7F971}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{2F3DBB8B-8C1B-4EDF-97C2-2D8B5DD1E63C}" = dir=out | name=@{microsoft.mixedreality.portal_2000.19011.1132.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mixedreality.portal/resources/pkgdisplayname} | "{388D1504-24DD-4FC0-AE91-E8A9570F7572}" = dir=in | name=print 3d | "{3933EC2F-CD09-4414-B7F7-69AE11E85F8F}" = dir=out | name=@{microsoft.microsoftedge_44.17763.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{3FE93F37-6512-4CFA-BB60-8A9A19C55E65}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | "{410F8F75-00FB-4F30-AB77-135EDC866F3D}" = dir=out | name=xbox tcui | "{44D79443-3F97-4F86-9748-43C3848CEC1D}" = dir=out | name=@{microsoft.microsoft3dviewer_5.1811.27012.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoft3dviewer/common.view.uwp/resources/storeappname} | "{46C09E1A-29E1-458E-9D32-73EE39C0984D}" = dir=out | name=@{microsoft.lockapp_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | "{4A412DFF-C90A-4A58-9CFE-0E86D16BB891}" = dir=out | name=@{microsoft.mspaint_5.1811.20017.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.mspaint/resources/appname} | "{4D10DEBC-7AA7-41FE-9688-45BF100F4F91}" = dir=in | name=@{microsoft.yourphone_1.0.20388.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | "{57CB48C3-03E0-4EB6-BCE4-7086C9483D5B}" = protocol=6 | dir=in | app=c:\program files (x86)\avast software\business agent\clientmanager.exe | "{58C45C39-37B5-407B-B313-98196DA4AA91}" = dir=out | name=@{microsoft.storepurchaseapp_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.storepurchaseapp/resources/displaytitle} | "{5B099C47-12F7-4150-8F5B-3FBEDA92ADBA}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1805.2331.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | "{5EE8A058-D7FD-4F79-A805-FD83D52E974E}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{617C8AA9-121B-42C7-AB2C-805FF1278553}" = dir=out | name=@{microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | "{639280CE-01B3-4B58-AA2A-D113AA4824B7}" = dir=out | name=skype | "{65B95D14-77D4-4733-89AA-7419CC9CA608}" = dir=out | name=@{microsoft.oneconnect_5.1901.311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} | "{6B0168B2-1472-4BD1-8DB5-65A6246B4435}" = dir=out | name=@{microsoft.xboxidentityprovider_12.46.25001.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} | "{6C433E80-56C3-4679-AF02-66CA9F972676}" = dir=out | name=@{microsoft.getstarted_7.2.13253.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} | "{71346CC7-B075-44A1-BA23-99AE8AD9DEFF}" = dir=in | name=dolby access | "{71BEA9EB-7E8D-4F71-892D-8C242E014151}" = dir=out | name=@{microsoft.ppiprojection_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{71C519AC-9A7C-4629-B878-95FE83C335EE}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{727D76B7-BD6B-4D01-AAD1-D29A436B6B6A}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | "{743BC235-0CE8-455C-B6AC-DAECBC4B2BEA}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | "{782314F2-097D-46EE-9D31-8011B1F3F7F2}" = dir=in | name=onenote | "{7F052A03-B9F5-4753-811C-02409C40583B}" = dir=in | name=@{microsoft.microsoftedge_44.17763.1.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | "{813015AC-66B7-4E67-A0CF-39F930367FEA}" = dir=out | name=windows_ie_ac_001 | "{84E290B1-1000-46A0-A0CA-10956D061B67}" = dir=out | name=@{microsoft.yourphone_1.0.20388.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.yourphone/resources/appname} | "{876096B2-0E43-4511-99AA-218A7B6AF32E}" = dir=out | name=shell input application | "{8778A166-988B-401F-9C47-1DC90767B015}" = dir=out | name=minecraft for windows 10 | "{8C3392EB-F5DF-4BDE-8DC4-D7D5DBFCAD99}" = dir=out | name=hp smart | "{9059584C-DBE0-4876-BDAA-4211B627C68A}" = dir=out | name=@{microsoft.windows.narratorquickstart_10.0.17763.1_neutral_neutral_8wekyb3d8bbwe?ms-resource://microsoft.windows.narratorquickstart/resources/appdisplayname} | "{90BBB8AE-0E4C-4508-B88E-923B149599A3}" = dir=out | name=@{microsoft.bingweather_4.28.10351.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} | "{941346E9-4BCE-4381-8432-0B837FE7F234}" = dir=in | name=@{microsoft.windows.photos_2019.18114.17710.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | "{95EA3E2A-8BE8-4E46-B6C5-DC85B9374A18}" = dir=out | name=@{microsoft.desktopappinstaller_1.0.30311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | "{974F242E-2DD5-4B1E-AD3C-8FD30B3D4B7D}" = dir=out | name=@{microsoft.windowscalculator_10.1811.3241.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscalculator/resources/appstorename} | "{9BA44C92-C631-4C4F-B9F5-01D51954E111}" = dir=out | name=@{microsoft.windowscamera_2018.825.100.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscamera/resources/appstorename} | "{9D0CF851-E653-42E7-90C9-76D80551C922}" = dir=out | name=microsoft pay | "{A152C3FF-FD78-4FD0-B246-FCA6497E8CD8}" = dir=in | name=microsoft solitaire collection | "{A2A4AAB5-374B-4691-A137-1171552F66C9}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | "{A6B576C2-7780-4333-AFC5-102838B05C0E}" = dir=in | name=@{microsoft.ppiprojection_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | "{A6E1F45F-7EFA-4E00-8162-60AA848AC820}" = dir=in | name=@{microsoft.zunemusic_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{A91B6EE8-7725-4EDB-88C3-EE60D94F05C9}" = dir=in | name=skype | "{AB4ADFB2-BDD7-44CE-8199-45294FB88D6E}" = dir=out | name=@{microsoft.win32webviewhost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | "{AB96BFE3-277E-4DE2-9F26-6FC131B4069A}" = dir=in | name=@{microsoft.xboxgamingoverlay_2.24.5004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} | "{AE613B24-909B-41E8-BF2A-B7AD2D01BA6D}" = dir=out | name=candy crush soda saga | "{AEC40343-7DC7-474D-9460-E1E1DF64940E}" = protocol=6 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe | "{AFD19E3B-11E3-4567-88EB-9263ACEE3CB5}" = dir=out | name=@{microsoft.xboxgamingoverlay_2.24.5004.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxgamingoverlay/resources/gamebar} | "{B005EC36-61FC-4F45-82D2-ADE885A88A8E}" = protocol=17 | dir=in | app=c:\program files (x86)\avast software\business agent\clientmanager.exe | "{B115F9EA-A885-4028-8EE5-076C3A4BFF32}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | "{B45B0B28-BA6C-42CB-9527-96FC9550DEBA}" = dir=out | name=candy crush saga | "{B82232BA-C660-4631-A409-FDA13E7F95B3}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | "{B9164B22-1C9E-4EBB-82EB-C27111FE977B}" = dir=out | name=@{microsoft.windows.peopleexperiencehost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.peopleexperiencehost/resources/pkgdisplayname} | "{C53C5A4D-41AC-458B-99A2-2334D7CAD6C8}" = dir=out | name=@{microsoft.zunevideo_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{C84406D2-475F-45AA-82AA-F6E1740F58C7}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | "{C948F4F9-1F21-4E5E-B4F4-2F9105B5710F}" = dir=in | name=@{microsoft.win32webviewhost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.win32webviewhost/resources/displayname} | "{CF0E3D16-D638-4F36-88FF-5A097E2F44CC}" = dir=in | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{D4AF8906-5ADD-4129-B0E7-4234EA364C0A}" = dir=in | name=@{microsoft.desktopappinstaller_1.0.30311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.desktopappinstaller/resources/appdisplayname} | "{DA54F6D4-AA2C-4AC4-A3CE-45D3CF5FD4FA}" = dir=in | name=minecraft for windows 10 | "{DAE8113A-8FFA-473A-BAD3-BF494C305465}" = dir=in | name=@{microsoft.zunevideo_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{DBB6835E-99B5-4A66-92F5-9B3F11D4F549}" = dir=out | name=@{microsoft.windows.oobenetworkcaptiveportal_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.windows.oobenetworkcaptiveportal/resources/appdisplayname} | "{E29AAC18-8328-4BB9-BB8B-16706CD3A0C8}" = dir=out | name=xbox game bar | "{E5426EF9-75C9-4B91-8474-85535E122E38}" = dir=in | name=@{microsoft.oneconnect_5.1901.311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnectstrings/oneconnect/appstorename} | "{E6B5FCDF-D174-4276-AB3C-82536E464255}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | "{E7069F7E-89D8-49F7-80B4-42075FA96970}" = protocol=58 | dir=out | [email protected],-503 | "{E7E9F01D-E15C-4935-901B-A4E1BB4074D6}" = dir=out | name=@{microsoft.messaging_4.1810.2922.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | "{EBC6FCD9-8A43-416C-84C4-D7B6AD92133E}" = dir=in | name=@{microsoft.windows.cortana_1.11.5.17763_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | "{EBEECCE2-AA47-46D1-963F-87BF06CC1BA4}" = dir=out | name=@{microsoft.windowsstore_11811.1001.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | "{EDF9C2CF-39D6-4F47-A820-92AAE3EC5F61}" = dir=in | name=@{microsoft.microsoftofficehub_17.10314.31700.1000_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | "{EFBE0793-66FC-4D4F-9E44-8339061002C6}" = protocol=58 | dir=in | app=system | "{F0F4659D-121E-4516-9FFB-C1D449C7631B}" = dir=out | name=@{microsoft.people_10.1811.3343.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | "{F2CC69FA-BE35-44AA-B0D8-28DF53EC19A2}" = dir=in | name=xbox | "{F2D204B4-4545-4693-A20E-9E8A4B2E3258}" = dir=out | name=@{microsoft.accountscontrol_10.0.17763.1_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | "{F682D275-949A-426C-87B4-0DF628365EF7}" = dir=out | name=microsoft sticky notes | "{F6E02DF6-87A8-4BE1-9B1E-C4A4B082546C}" = dir=out | name=onenote | "{F80939CE-907E-47DA-863C-9591B2A576E9}" = dir=out | name=@{microsoft.zunemusic_10.19011.11311.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{FBB4AB0B-3A93-441E-90D7-885651F9E672}" = dir=out | name=print 3d | "{FFA3A02C-91E4-469E-B503-AF237CF130F5}" = protocol=17 | dir=in | app=c:\program files\avast software\avast\avemupdate.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0D3E9E15-DE7A-300B-96F1-B4AF12B96488}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23026 "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.7.1.2839 "{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-003D-0000-1000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010 "{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010 "{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 "{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 "{AA1B5CB3-7646-3858-A35C-158DB3846A9F}" = Google Chrome "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 388.73 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container "{BC958BD2-5DAC-3862-BB1A-C1BE0790438D}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23026 "{FBC7499A-8DB8-49E5-937B-5D8A6A4BD024}" = Aurora HDR Express "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "Office14.SingleImage" = Microsoft Office Home and Business 2010 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 "{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer "{15e9f44d-22e8-4359-944b-d6ce32d3493a}" = Aurora HDR Express "{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer "{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper "{e46eca4f-393b-40df-9f49-076faf788d83}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 "{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10 "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10 "Avast Business CloudCare" = Avast Business CloudCare "PortraitProStudioMaxv15_is1" = PortraitPro Studio Max v15.7 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "OneDriveSetup.exe" = Microsoft OneDrive ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 1/19/2019 11:09:10 AM | Computer Name = DESKTOP-10GNTI1 | Source = Application Hang | ID = 1002 Description = The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 12c0 Start Time: 01d4b002533b8f7f Termination Time: 9 Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe Report Id: 4ab05c9b-a5c4-4eaf-bfa9-0e6c47c40049 Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Hang type: Unknown Error - 1/19/2019 11:13:03 AM | Computer Name = DESKTOP-10GNTI1 | Source = Application Hang | ID = 1002 Description = The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 218 Start Time: 01d4b008e8b9c094 Termination Time: 7 Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe Report Id: f6bdd34a-7cdd-4e69-bcd6-2f439e24cd8f Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Hang type: Unknown Error - 1/21/2019 10:07:48 AM | Computer Name = DESKTOP-10GNTI1 | Source = Application Error | ID = 1000 Description = Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.17763.1, time stamp: 0x90f701bc Faulting module name: EdgeContent.dll, version: 11.0.17763.194, time stamp: 0x28d8a9b5 Exception code: 0xc0000409 Fault offset: 0x00000000000a9597 Faulting process id: 0x1a4 Faulting application start time: 0x01d4b13369c7441d Faulting application path: C:\Windows\System32\MicrosoftEdgeCP.exe Faulting module path: C:\Windows\System32\EdgeContent.dll Report Id: f69a261e-ac3e-49c8-96e2-03a6ce6df77c Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Error - 1/26/2019 7:48:43 PM | Computer Name = DESKTOP-10GNTI1 | Source = Application Hang | ID = 1002 Description = The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2f70 Start Time: 01d4b5cd14fa228a Termination Time: 11 Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe Report Id: 15e33ccb-32f8-4ba5-b6ec-4aea7f547c85 Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Hang type: Unknown Error - 2/2/2019 8:30:45 PM | Computer Name = DESKTOP-10GNTI1 | Source = Application Error | ID = 1000 Description = Faulting application name: ClientManager.exe, version: 1.0.0.1, time stamp: 0x5c09dcd2 Faulting module name: ucrtbase.dll, version: 10.0.17763.1, time stamp: 0xc3ae1887 Exception code: 0xc0000409 Fault offset: 0x000a5d0b Faulting process id: 0xef8 Faulting application start time: 0x01d4b98111e8f2de Faulting application path: C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: 3c11ace9-14ed-4a81-af83-b22231b876ae Faulting package full name: ? Faulting package-relative application ID: ? Error - 2/3/2019 8:31:15 PM | Computer Name = DESKTOP-10GNTI1 | Source = Application Hang | ID = 1002 Description = The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: e68 Start Time: 01d4ba9882f945a7 Termination Time: 25 Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe Report Id: 8a77519a-c38e-4c4d-bbeb-512d7a42cb00 Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Hang type: Unknown Error - 2/14/2019 8:55:45 PM | Computer Name = DESKTOP-10GNTI1 | Source = Application Error | ID = 1000 Description = Faulting application name: ClientManager.exe, version: 1.0.0.1, time stamp: 0x5c09dcd2 Faulting module name: ucrtbase.dll, version: 10.0.17763.1, time stamp: 0xc3ae1887 Exception code: 0xc0000409 Fault offset: 0x000a5d0b Faulting process id: 0xee4 Faulting application start time: 0x01d4c3efb61c6a4f Faulting application path: C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: a9f3701c-880e-4224-9aa1-dde1792ef74a Faulting package full name: ? Faulting package-relative application ID: ? Error - 2/15/2019 8:56:37 AM | Computer Name = DESKTOP-10GNTI1 | Source = Application Error | ID = 1000 Description = Faulting application name: ClientManager.exe, version: 1.0.0.1, time stamp: 0x5c09dcd2 Faulting module name: ucrtbase.dll, version: 10.0.17763.1, time stamp: 0xc3ae1887 Exception code: 0xc0000409 Fault offset: 0x000a5d0b Faulting process id: 0x3344 Faulting application start time: 0x01d4c4c9320d3f80 Faulting application path: C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: 808d4016-3a02-47fd-a626-626646316c4e Faulting package full name: ? Faulting package-relative application ID: ? Error - 2/15/2019 4:33:43 PM | Computer Name = DESKTOP-10GNTI1 | Source = Application Error | ID = 1000 Description = Faulting application name: ClientManager.exe, version: 1.0.0.1, time stamp: 0x5c09dcd2 Faulting module name: ucrtbase.dll, version: 10.0.17763.1, time stamp: 0xc3ae1887 Exception code: 0xc0000409 Fault offset: 0x000a5d0b Faulting process id: 0x998 Faulting application start time: 0x01d4c52de4d8119e Faulting application path: C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: 8caee474-cba2-4b06-ba60-9ce95ea5538c Faulting package full name: ? Faulting package-relative application ID: ? Error - 2/19/2019 4:40:50 PM | Computer Name = DESKTOP-10GNTI1 | Source = SecurityCenter | ID = 17 Description = [ Parameters Events ] OTL encountered an error while reading this event log. It may be corrupt. [ State Events ] OTL encountered an error while reading this event log. It may be corrupt. Error - 2/19/2019 4:56:27 PM | Computer Name = DESKTOP-10GNTI1 | Source = DCOM | ID = 10010 Description = Error - 2/19/2019 4:56:28 PM | Computer Name = DESKTOP-10GNTI1 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll Error - 2/19/2019 4:56:29 PM | Computer Name = DESKTOP-10GNTI1 | Source = DCOM | ID = 10005 Description = Error - 2/19/2019 4:56:29 PM | Computer Name = DESKTOP-10GNTI1 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll Error - 2/19/2019 4:56:29 PM | Computer Name = DESKTOP-10GNTI1 | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10003 Description = WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll Error - 2/19/2019 4:57:14 PM | Computer Name = DESKTOP-10GNTI1 | Source = DCOM | ID = 10016 Description = Error - 2/19/2019 4:57:14 PM | Computer Name = DESKTOP-10GNTI1 | Source = DCOM | ID = 10016 Description = Error - 2/19/2019 4:57:16 PM | Computer Name = DESKTOP-10GNTI1 | Source = DCOM | ID = 10016 Description = Error - 2/19/2019 5:00:22 PM | Computer Name = DESKTOP-10GNTI1 | Source = Service Control Manager | ID = 7031 Description = The Avast Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. Error - 2/19/2019 6:33:23 PM | Computer Name = DESKTOP-10GNTI1 | Source = DCOM | ID = 10016 Description = < End of report > =============================== OTL Log OTL logfile created on: 2/19/2019 3:44:21 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Cammy\Desktop 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.17763.0) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 7.98 Gb Total Physical Memory | 4.09 Gb Available Physical Memory | 51.23% Memory free 10.36 Gb Paging File | 5.88 Gb Available in Paging File | 56.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465.22 Gb Total Space | 368.99 Gb Free Space | 79.31% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: DESKTOP-10GNTI1 | User Name: Cammy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found -- PRC - [2019/02/19 15:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cammy\Desktop\OTL.com PRC - [2019/02/07 09:08:05 | 001,506,616 | ---- | M] (Microsoft Corporation) -- C:\Users\Cammy\AppData\Local\Microsoft\OneDrive\OneDrive.exe PRC - [2019/02/01 09:55:58 | 003,951,008 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe PRC - [2019/01/24 09:24:16 | 002,797,784 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\bccavsvc.exe PRC - [2019/01/20 11:24:57 | 001,073,672 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\bcc.exe PRC - [2019/01/20 11:24:56 | 011,200,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2018/12/19 11:37:45 | 000,292,648 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe PRC - [2018/12/06 19:37:42 | 000,490,800 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Business Agent\ContentFilter.exe PRC - [2018/12/06 19:37:40 | 000,812,344 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe PRC - [2018/12/06 19:37:40 | 000,593,104 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Business Agent\AvastAvWrapper.exe PRC - [2018/12/06 19:37:40 | 000,587,920 | ---- | M] (AVAST Software) -- C:\Program Files (x86)\AVAST Software\Business Agent\AvastTrayApp.exe PRC - [2018/09/15 00:29:08 | 000,660,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\fontdrvhost.exe PRC - [2017/12/18 20:24:13 | 000,463,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe PRC - [2011/09/01 01:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe ========== Modules (No Company Name) ========== MOD - [2018/12/19 10:19:59 | 000,596,696 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\streamback.dll MOD - [2018/12/06 19:37:52 | 000,070,528 | ---- | M] () -- C:\Program Files (x86)\AVAST Software\Business Agent\ZlibStream.dll MOD - [2018/11/20 10:59:59 | 067,126,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll ========== Services (SafeList) ========== SRV:64bit: - [2019/02/13 05:51:38 | 001,387,520 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\bcastdvruserservice.dll -- (BcastDVRUserService) SRV:64bit: - [2019/02/13 05:51:38 | 000,913,920 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll -- (DisplayEnhancementService) SRV:64bit: - [2019/02/13 05:51:27 | 000,577,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2019/02/13 05:51:26 | 000,556,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BTAGService.dll -- (BTAGService) SRV:64bit: - [2019/02/13 05:51:26 | 000,433,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService) SRV:64bit: - [2019/02/13 05:51:25 | 001,462,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TokenBroker.dll -- (TokenBroker) SRV:64bit: - [2019/02/13 05:51:25 | 000,864,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SecurityHealthService.exe -- (SecurityHealthService) SRV:64bit: - [2019/02/13 05:51:24 | 003,386,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc) SRV:64bit: - [2019/02/13 05:51:22 | 000,744,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2019/02/13 05:51:21 | 003,556,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack) SRV:64bit: - [2019/02/13 05:51:20 | 004,991,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository) SRV:64bit: - [2019/02/01 11:19:44 | 006,562,472 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService) SRV:64bit: - [2019/01/24 09:24:16 | 002,797,784 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\bccavsvc.exe -- (Avast Business Console Client Antivirus Service) SRV:64bit: - [2019/01/20 11:24:57 | 001,073,672 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\bcc.exe -- (aswBcc) SRV:64bit: - [2019/01/09 07:24:57 | 000,155,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc) SRV:64bit: - [2018/12/28 09:30:32 | 000,701,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer) SRV:64bit: - [2018/12/28 09:30:29 | 000,359,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dusmsvc.dll -- (DusmSvc) SRV:64bit: - [2018/12/28 09:30:24 | 000,949,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV:64bit: - [2018/12/28 09:30:21 | 000,889,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc) SRV:64bit: - [2018/12/28 09:30:18 | 000,241,664 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\psmsrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2018/12/28 09:30:17 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc) SRV:64bit: - [2018/12/28 09:30:16 | 002,185,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2018/12/28 09:30:16 | 000,514,048 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc) SRV:64bit: - [2018/12/28 09:30:15 | 000,273,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2018/12/28 09:30:10 | 000,918,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV:64bit: - [2018/12/28 09:30:10 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss) SRV:64bit: - [2018/12/28 09:30:10 | 000,310,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv) SRV:64bit: - [2018/12/28 09:30:10 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession) SRV:64bit: - [2018/12/28 09:30:10 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2018/12/28 09:30:10 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2018/12/28 09:30:10 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2018/12/28 09:30:10 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:64bit: - [2018/12/28 09:30:10 | 000,300,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface) SRV:64bit: - [2018/12/19 10:19:59 | 000,057,504 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\wsc_proxy.exe -- (AvastWscReporter) SRV:64bit: - [2018/12/19 10:19:58 | 000,324,000 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2018/12/19 10:19:57 | 008,188,768 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent) SRV:64bit: - [2018/09/15 02:09:47 | 000,384,512 | ---- | M] () [Disabled | Stopped] -- C:\Windows\SysNative\OpenSSH\ssh-agent.exe -- (ssh-agent) SRV:64bit: - [2018/09/15 00:29:46 | 000,676,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness) SRV:64bit: - [2018/09/15 00:29:46 | 000,658,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo) SRV:64bit: - [2018/09/15 00:29:46 | 000,456,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Windows.Devices.Picker.dll -- (DevicePickerUserSvc) SRV:64bit: - [2018/09/15 00:29:46 | 000,431,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService) SRV:64bit: - [2018/09/15 00:29:25 | 001,332,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lpasvc.dll -- (wlpasvc) SRV:64bit: - [2018/09/15 00:29:24 | 002,176,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc) SRV:64bit: - [2018/09/15 00:29:24 | 000,982,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Spectrum.exe -- (spectrum) SRV:64bit: - [2018/09/15 00:29:24 | 000,642,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SharedRealitySvc.dll -- (SharedRealitySvc) SRV:64bit: - [2018/09/15 00:29:24 | 000,584,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter) SRV:64bit: - [2018/09/15 00:29:24 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvc.dll -- (diagsvc) SRV:64bit: - [2018/09/15 00:29:24 | 000,120,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2018/09/15 00:29:24 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2018/09/15 00:29:23 | 000,310,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService) SRV:64bit: - [2018/09/15 00:29:23 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2018/09/15 00:29:16 | 000,961,024 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CBDHSvc.dll -- (cbdhsvc) SRV:64bit: - [2018/09/15 00:29:16 | 000,083,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2018/09/15 00:29:14 | 000,157,696 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\ConsentUxClient.dll -- (ConsentUxUserSvc) SRV:64bit: - [2018/09/15 00:29:14 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC) SRV:64bit: - [2018/09/15 00:29:14 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost) SRV:64bit: - [2018/09/15 00:29:13 | 001,228,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc) SRV:64bit: - [2018/09/15 00:29:13 | 000,254,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SgrmBroker.exe -- (SgrmBroker) SRV:64bit: - [2018/09/15 00:29:13 | 000,078,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PerceptionSimulation\PerceptionSimulationService.exe -- (perceptionsimulation) SRV:64bit: - [2018/09/15 00:29:13 | 000,061,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost) SRV:64bit: - [2018/09/15 00:28:59 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum) SRV:64bit: - [2018/09/15 00:28:58 | 001,269,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService) SRV:64bit: - [2018/09/15 00:28:57 | 000,156,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc) SRV:64bit: - [2018/09/15 00:28:56 | 000,177,152 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PrintWorkflowService.dll -- (PrintWorkflowUserSvc) SRV:64bit: - [2018/09/15 00:28:51 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2018/09/15 00:28:51 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice) SRV:64bit: - [2018/09/15 00:28:50 | 000,079,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2018/09/15 00:28:47 | 001,255,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager) SRV:64bit: - [2018/09/15 00:28:46 | 000,864,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2018/09/15 00:28:46 | 000,092,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service) SRV:64bit: - [2018/09/15 00:28:45 | 000,332,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc) SRV:64bit: - [2018/09/15 00:28:45 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (PrintWorkflowUserSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicesFlowUserSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (DevicePickerUserSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (ConsentUxUserSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (cbdhsvc_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (CaptureService_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BluetoothUserService_27375) SRV:64bit: - [2018/09/15 00:28:45 | 000,051,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (BcastDVRUserService_27375) SRV:64bit: - [2018/09/15 00:28:44 | 000,658,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2018/09/15 00:28:42 | 000,122,880 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\CaptureService.dll -- (CaptureService) SRV:64bit: - [2018/09/15 00:28:41 | 000,745,472 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\DevicesFlowBroker.dll -- (DevicesFlowUserSvc) SRV:64bit: - [2018/09/15 00:28:41 | 000,223,744 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc) SRV:64bit: - [2018/09/15 00:28:39 | 000,883,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc) SRV:64bit: - [2018/09/15 00:28:38 | 000,381,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\BthAvctpSvc.dll -- (BthAvctpSvc) SRV:64bit: - [2018/09/15 00:28:36 | 001,671,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\InstallService.dll -- (InstallService) SRV:64bit: - [2018/09/15 00:28:36 | 001,540,608 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc) SRV:64bit: - [2018/09/15 00:28:36 | 000,782,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc) SRV:64bit: - [2018/09/15 00:28:36 | 000,623,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc) SRV:64bit: - [2018/09/15 00:28:36 | 000,506,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc) SRV:64bit: - [2018/09/15 00:28:36 | 000,475,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2018/09/15 00:28:36 | 000,437,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WaaSMedicSvc.dll -- (WaaSMedicSvc) SRV:64bit: - [2018/09/15 00:28:36 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2018/09/15 00:28:36 | 000,255,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService) SRV:64bit: - [2018/09/15 00:28:36 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService) SRV:64bit: - [2018/09/15 00:28:36 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc) SRV:64bit: - [2018/09/15 00:28:34 | 001,247,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SEMgrSvc.dll -- (SEMgrSvc) SRV:64bit: - [2018/09/15 00:28:34 | 001,160,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc) SRV:64bit: - [2018/09/15 00:28:34 | 000,374,784 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService) SRV:64bit: - [2018/09/15 00:28:34 | 000,270,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PushToInstall.dll -- (PushToInstall) SRV:64bit: - [2018/09/15 00:28:34 | 000,188,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc) SRV:64bit: - [2018/09/15 00:28:34 | 000,091,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker) SRV:64bit: - [2018/09/15 00:28:34 | 000,049,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager) SRV:64bit: - [2018/09/15 00:28:32 | 001,566,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc) SRV:64bit: - [2018/09/15 00:28:32 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GraphicsPerfSvc.dll -- (GraphicsPerfSvc) SRV:64bit: - [2018/09/15 00:28:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.WARP.JITService.dll -- (WarpJITSvc) SRV:64bit: - [2018/09/15 00:28:30 | 000,871,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC) SRV:64bit: - [2018/09/15 00:28:30 | 000,645,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc) SRV:64bit: - [2018/09/15 00:28:30 | 000,291,840 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\CapabilityAccessManager.dll -- (camsvc) SRV:64bit: - [2018/09/15 00:28:30 | 000,240,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2018/09/15 00:28:30 | 000,168,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode) SRV:64bit: - [2018/09/15 00:28:30 | 000,098,304 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate) SRV:64bit: - [2018/09/15 00:28:30 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter) SRV:64bit: - [2018/09/15 00:28:29 | 000,174,592 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc) SRV:64bit: - [2018/09/15 00:28:26 | 000,833,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NaturalAuth.dll -- (NaturalAuthentication) SRV:64bit: - [2018/09/15 00:28:26 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker) SRV:64bit: - [2018/09/15 00:28:25 | 001,008,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2018/09/15 00:28:25 | 000,370,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Management.Service.dll -- (WManSvc) SRV:64bit: - [2018/09/15 00:28:24 | 000,715,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WFDSConMgrSvc.dll -- (WFDSConMgrSvc) SRV:64bit: - [2018/09/15 00:28:23 | 001,422,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WpcDesktopMonSvc.dll -- (WpcMonSvc) SRV:64bit: - [2018/09/15 00:28:22 | 001,049,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager) SRV:64bit: - [2018/09/15 00:28:22 | 000,889,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc) SRV:64bit: - [2018/09/15 00:28:22 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Microsoft.Bluetooth.UserService.dll -- (BluetoothUserService) SRV:64bit: - [2018/09/15 00:28:22 | 000,418,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vac.dll -- (VacSvc) SRV:64bit: - [2018/09/15 00:28:22 | 000,312,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\LanguageOverlayServer.dll -- (LxpSvc) SRV:64bit: - [2018/09/15 00:28:20 | 001,265,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave) SRV:64bit: - [2018/09/15 00:28:20 | 000,072,704 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\xboxgipsvc.dll -- (XboxGipSvc) SRV:64bit: - [2018/09/15 00:28:20 | 000,064,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipxlatcfg.dll -- (IpxlatCfgSvc) SRV:64bit: - [2018/09/15 00:28:20 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService) SRV:64bit: - [2018/09/15 00:28:16 | 003,534,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2018/09/14 10:57:00 | 000,329,728 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc) SRV:64bit: - [2017/12/18 20:24:13 | 000,463,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem) SRV - [2019/02/13 05:51:35 | 005,205,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository) SRV - [2019/02/13 05:51:34 | 001,254,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\TokenBroker.dll -- (TokenBroker) SRV - [2019/02/12 22:13:58 | 001,271,280 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\elevation_service.exe -- (GoogleChromeElevationService) SRV - [2019/01/09 07:24:59 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\PrintWorkflowService.dll -- (PrintWorkflowUserSvc) SRV - [2018/12/28 09:30:28 | 000,663,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc) SRV - [2018/12/28 09:30:10 | 000,582,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar) SRV - [2018/12/06 19:37:42 | 000,490,800 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files (x86)\AVAST Software\Business Agent\ContentFilter.exe -- (ContentFilter) SRV - [2018/12/06 19:37:40 | 000,812,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files (x86)\AVAST Software\Business Agent\ClientManager.exe -- (ClientManager) SRV - [2018/12/06 19:37:40 | 000,593,104 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files (x86)\AVAST Software\Business Agent\AvastAvWrapper.exe -- (AvastAvWrapper) SRV - [2018/10/23 08:54:51 | 003,917,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe -- (WdNisSvc) SRV - [2018/10/23 08:54:51 | 000,114,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe -- (WinDefend) SRV - [2018/09/15 00:29:46 | 000,330,752 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Windows.Devices.Picker.dll -- (DevicePickerUserSvc) SRV - [2018/09/15 00:29:26 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost) SRV - [2018/09/15 00:29:05 | 000,956,416 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc) SRV - [2018/09/15 00:29:03 | 001,249,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\InstallService.dll -- (InstallService) SRV - [2018/09/15 00:29:03 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\tzautoupdate.dll -- (tzautoupdate) SRV - [2018/09/15 00:29:00 | 000,730,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\FlightSettings.dll -- (wisvc) SRV - [2018/09/15 00:28:16 | 003,534,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2011/09/01 01:22:18 | 000,169,624 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor10.0) ========== Driver Services (SafeList) ========== DRV:64bit: - [2019/02/19 14:02:38 | 000,072,864 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection) DRV:64bit: - [2019/02/19 14:02:35 | 000,127,136 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt) DRV:64bit: - [2019/02/19 14:02:35 | 000,114,040 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection) DRV:64bit: - [2019/02/19 14:02:34 | 000,198,512 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MbamChameleon.sys -- (MBAMChameleon) DRV:64bit: - [2019/02/19 14:02:27 | 000,274,416 | ---- | M] (Malwarebytes) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV:64bit: - [2019/02/13 05:51:30 | 000,982,032 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1) DRV:64bit: - [2019/02/13 05:51:29 | 001,969,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS) DRV:64bit: - [2019/02/13 05:51:26 | 000,074,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT) DRV:64bit: - [2019/02/13 05:51:25 | 000,097,592 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam) DRV:64bit: - [2019/02/13 05:51:22 | 000,157,192 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc) DRV:64bit: - [2019/02/13 05:51:19 | 000,651,792 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2019/02/13 05:51:19 | 000,298,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2019/02/13 05:51:19 | 000,132,104 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme) DRV:64bit: - [2019/02/13 05:51:19 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2019/02/13 05:51:19 | 000,080,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci) DRV:64bit: - [2019/02/01 11:20:22 | 000,020,936 | ---- | M] (Malwarebytes) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MbamElam.sys -- (MbamElam) DRV:64bit: - [2019/01/20 11:24:57 | 000,163,416 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2019/01/08 15:32:04 | 000,153,328 | ---- | M] (Malwarebytes) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver) DRV:64bit: - [2018/12/28 09:30:17 | 000,175,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2018/12/28 09:30:11 | 000,102,392 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bindflt.sys -- (bindflt) DRV:64bit: - [2018/12/28 09:30:11 | 000,087,552 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs) DRV:64bit: - [2018/12/28 09:30:11 | 000,051,712 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS) DRV:64bit: - [2018/12/28 09:30:10 | 000,095,544 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt) DRV:64bit: - [2018/12/28 09:30:10 | 000,055,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate) DRV:64bit: - [2018/12/28 09:30:09 | 000,519,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid) DRV:64bit: - [2018/12/28 09:30:09 | 000,164,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci) DRV:64bit: - [2018/12/19 10:20:03 | 000,208,472 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm) DRV:64bit: - [2018/12/19 10:20:02 | 000,469,272 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2018/12/19 10:20:02 | 000,380,464 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2018/12/19 10:20:02 | 000,201,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot) DRV:64bit: - [2018/12/19 10:20:02 | 000,111,800 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2018/12/19 10:20:02 | 000,087,432 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2018/12/19 10:20:02 | 000,046,384 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid) DRV:64bit: - [2018/12/19 10:19:59 | 000,042,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd) DRV:64bit: - [2018/12/19 10:19:57 | 001,028,680 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2018/12/19 10:19:56 | 000,346,592 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog) DRV:64bit: - [2018/12/19 10:19:56 | 000,230,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver) DRV:64bit: - [2018/12/19 10:19:56 | 000,201,768 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh) DRV:64bit: - [2018/12/19 10:19:56 | 000,059,496 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv) DRV:64bit: - [2018/12/06 19:31:56 | 000,252,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgwfpsa.sys -- (Avgwfpsa) DRV:64bit: - [2018/11/20 10:59:15 | 000,015,360 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswElam.sys -- (aswElam) DRV:64bit: - [2018/10/23 08:54:51 | 000,328,696 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdFilter.sys -- (WdFilter) DRV:64bit: - [2018/10/23 08:54:51 | 000,060,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdNisDrv.sys -- (WdNisDrv) DRV:64bit: - [2018/10/23 08:54:51 | 000,046,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wd\WdBoot.sys -- (WdBoot) DRV:64bit: - [2018/09/15 02:11:00 | 000,030,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2018/09/15 02:10:59 | 000,073,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys -- (SpatialGraphFilter) DRV:64bit: - [2018/09/15 00:29:25 | 000,290,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MbbCx.sys -- (MbbCx) DRV:64bit: - [2018/09/15 00:29:24 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda) DRV:64bit: - [2018/09/15 00:29:24 | 000,085,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PktMon.sys -- (PktMon) DRV:64bit: - [2018/09/15 00:29:21 | 000,031,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2018/09/15 00:29:16 | 000,090,936 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2018/09/15 00:29:13 | 000,132,096 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2018/09/15 00:29:13 | 000,087,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SgrmAgent.sys -- (SgrmAgent) DRV:64bit: - [2018/09/15 00:29:13 | 000,080,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice) DRV:64bit: - [2018/09/15 00:28:56 | 000,134,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2018/09/15 00:28:56 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2018/09/15 00:28:56 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus) DRV:64bit: - [2018/09/15 00:28:55 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afunix.sys -- (afunix) DRV:64bit: - [2018/09/15 00:28:52 | 000,288,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache) DRV:64bit: - [2018/09/15 00:28:46 | 000,405,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS) DRV:64bit: - [2018/09/15 00:28:46 | 000,237,056 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2018/09/15 00:28:46 | 000,184,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx) DRV:64bit: - [2018/09/15 00:28:46 | 000,156,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\winquic.sys -- (WinQuic) DRV:64bit: - [2018/09/15 00:28:46 | 000,035,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2018/09/15 00:28:44 | 000,452,096 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\cldflt.sys -- (CldFlt) DRV:64bit: - [2018/09/15 00:28:42 | 000,224,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof) DRV:64bit: - [2018/09/15 00:28:42 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr) DRV:64bit: - [2018/09/15 00:28:39 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdmCompanionFilter.sys -- (WdmCompanionFilter) DRV:64bit: - [2018/09/15 00:28:38 | 000,292,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000) DRV:64bit: - [2018/09/15 00:28:38 | 000,169,784 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs) DRV:64bit: - [2018/09/15 00:28:38 | 000,162,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101) DRV:64bit: - [2018/09/15 00:28:38 | 000,156,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2) DRV:64bit: - [2018/09/15 00:28:38 | 000,146,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101) DRV:64bit: - [2018/09/15 00:28:38 | 000,099,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiCx.sys -- (UcmUcsiCx0101) DRV:64bit: - [2018/09/15 00:28:38 | 000,076,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2018/09/15 00:28:38 | 000,068,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000) DRV:64bit: - [2018/09/15 00:28:38 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd) DRV:64bit: - [2018/09/15 00:28:38 | 000,040,248 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist) DRV:64bit: - [2018/09/15 00:28:38 | 000,027,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshwnclx.sys -- (HwNClx0101) DRV:64bit: - [2018/09/15 00:28:38 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2018/09/15 00:28:36 | 000,179,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2018/09/15 00:28:36 | 000,082,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2018/09/15 00:28:36 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv) DRV:64bit: - [2018/09/15 00:28:29 | 000,063,288 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bam.sys -- (bam) DRV:64bit: - [2018/09/15 00:28:26 | 000,806,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi) DRV:64bit: - [2018/09/15 00:28:22 | 000,240,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winnat.sys -- (WinNat) DRV:64bit: - [2018/09/15 00:28:22 | 000,236,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000) DRV:64bit: - [2018/09/15 00:28:22 | 000,132,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2018/09/15 00:28:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2018/09/15 00:28:22 | 000,060,416 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt) DRV:64bit: - [2018/09/15 00:28:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx) DRV:64bit: - [2018/09/15 00:28:22 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipt.sys -- (IPT) DRV:64bit: - [2018/09/15 00:28:22 | 000,041,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ramdisk.sys -- (Ramdisk) DRV:64bit: - [2018/09/15 00:28:22 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv) DRV:64bit: - [2018/09/15 00:28:19 | 000,586,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2018/09/15 00:28:19 | 000,467,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2018/09/15 00:28:19 | 000,248,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM) DRV:64bit: - [2018/09/15 00:28:19 | 000,234,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc) DRV:64bit: - [2018/09/15 00:28:19 | 000,147,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys) DRV:64bit: - [2018/09/15 00:28:19 | 000,102,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2018/09/15 00:28:19 | 000,099,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea) DRV:64bit: - [2018/09/15 00:28:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys -- (BthLEEnum) DRV:64bit: - [2018/09/15 00:28:19 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2018/09/15 00:28:19 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi) DRV:64bit: - [2018/09/15 00:28:19 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidspi.sys -- (hidspi) DRV:64bit: - [2018/09/15 00:28:19 | 000,057,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2018/09/15 00:28:19 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys -- (Microsoft_Bluetooth_AvrcpTransport) DRV:64bit: - [2018/09/15 00:28:19 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2018/09/15 00:28:19 | 000,051,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt) DRV:64bit: - [2018/09/15 00:28:19 | 000,051,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2018/09/15 00:28:19 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter) DRV:64bit: - [2018/09/15 00:28:19 | 000,038,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2018/09/15 00:28:19 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthMini.SYS -- (BthMini) DRV:64bit: - [2018/09/15 00:28:19 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\hvcrash.sys -- (hvcrash) DRV:64bit: - [2018/09/15 00:28:19 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2018/09/15 00:28:19 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsiAcpiClient.sys -- (UcmUcsiAcpiClient) DRV:64bit: - [2018/09/15 00:28:19 | 000,028,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea) DRV:64bit: - [2018/09/15 00:28:19 | 000,027,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys) DRV:64bit: - [2018/09/15 00:28:19 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2018/09/15 00:28:19 | 000,025,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2018/09/15 00:28:19 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2018/09/15 00:28:19 | 000,021,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2018/09/15 00:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn) DRV:64bit: - [2018/09/15 00:28:19 | 000,018,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid) DRV:64bit: - [2018/09/15 00:28:19 | 000,017,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy) DRV:64bit: - [2018/09/15 00:28:18 | 001,866,768 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd) DRV:64bit: - [2018/09/15 00:28:18 | 001,150,496 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus) DRV:64bit: - [2018/09/15 00:28:18 | 000,885,048 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAVC.sys -- (iaStorAVC) DRV:64bit: - [2018/09/15 00:28:18 | 000,605,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64) DRV:64bit: - [2018/09/15 00:28:18 | 000,566,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus) DRV:64bit: - [2018/09/15 00:28:18 | 000,515,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbhost.sys -- (mausbhost) DRV:64bit: - [2018/09/15 00:28:18 | 000,319,488 | ---- | M] (Chelsio Communications) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi) DRV:64bit: - [2018/09/15 00:28:18 | 000,305,464 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2018/09/15 00:28:18 | 000,219,960 | ---- | M] (Microsemi Corportation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\SmartSAMD.sys -- (SmartSAMD) DRV:64bit: - [2018/09/15 00:28:18 | 000,153,616 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr) DRV:64bit: - [2018/09/15 00:28:18 | 000,148,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvdimm.sys -- (nvdimm) DRV:64bit: - [2018/09/15 00:28:18 | 000,135,168 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus) DRV:64bit: - [2018/09/15 00:28:18 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pmem.sys -- (pmem) DRV:64bit: - [2018/09/15 00:28:18 | 000,084,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2018/09/15 00:28:18 | 000,077,856 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs) DRV:64bit: - [2018/09/15 00:28:18 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2018/09/15 00:28:18 | 000,068,608 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i) DRV:64bit: - [2018/09/15 00:28:18 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2018/09/15 00:28:18 | 000,063,800 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2018/09/15 00:28:18 | 000,058,880 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i) DRV:64bit: - [2018/09/15 00:28:18 | 000,058,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mausbip.sys -- (mausbip) DRV:64bit: - [2018/09/15 00:28:18 | 000,051,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs) DRV:64bit: - [2018/09/15 00:28:18 | 000,042,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bttflt.sys -- (bttflt) DRV:64bit: - [2018/09/15 00:28:18 | 000,037,688 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad) DRV:64bit: - [2018/09/15 00:28:18 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf) DRV:64bit: - [2018/09/15 00:28:18 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys -- (BasicRender) DRV:64bit: - [2018/09/15 00:28:18 | 000,031,032 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2018/09/15 00:28:18 | 000,030,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI) DRV:64bit: - [2018/09/15 00:28:18 | 000,016,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume) DRV:64bit: - [2018/09/15 00:28:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2018/09/15 00:28:18 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2018/09/15 00:28:17 | 003,419,152 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2018/09/15 00:28:17 | 001,135,616 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX) DRV:64bit: - [2018/09/15 00:28:17 | 000,533,816 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2018/09/15 00:28:17 | 000,259,384 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2018/09/15 00:28:17 | 000,254,952 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep) DRV:64bit: - [2018/09/15 00:28:17 | 000,148,480 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\ItSas35i.sys -- (ItSas35i) DRV:64bit: - [2018/09/15 00:28:17 | 000,128,512 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i) DRV:64bit: - [2018/09/15 00:28:17 | 000,125,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg) DRV:64bit: - [2018/09/15 00:28:17 | 000,124,416 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i) DRV:64bit: - [2018/09/15 00:28:17 | 000,108,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rhproxy.sys -- (rhproxy) DRV:64bit: - [2018/09/15 00:28:17 | 000,107,520 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware) DRV:64bit: - [2018/09/15 00:28:17 | 000,083,456 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2018/09/15 00:28:17 | 000,082,944 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2018/09/15 00:28:17 | 000,079,872 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasas35i.sys -- (megasas35i) DRV:64bit: - [2018/09/15 00:28:17 | 000,075,264 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i) DRV:64bit: - [2018/09/15 00:28:17 | 000,064,312 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2018/09/15 00:28:17 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO) DRV:64bit: - [2018/09/15 00:28:17 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2018/09/15 00:28:17 | 000,033,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SDFRd.sys -- (SDFRd) DRV:64bit: - [2018/09/15 00:28:17 | 000,027,136 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2018/09/15 00:28:17 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev) DRV:64bit: - [2018/09/15 00:28:17 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys -- (swenum) DRV:64bit: - [2018/09/15 00:28:17 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pnpmem.sys -- (PNPMEM) DRV:64bit: - [2018/09/15 00:28:17 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2) DRV:64bit: - [2018/09/15 00:28:15 | 000,317,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip) DRV:64bit: - [2018/09/15 00:28:15 | 000,180,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys -- (iaLPSS2i_I2C_CNL) DRV:64bit: - [2018/09/15 00:28:15 | 000,177,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys -- (iaLPSS2i_I2C_GLK) DRV:64bit: - [2018/09/15 00:28:15 | 000,175,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys -- (iaLPSS2i_I2C_BXT_P) DRV:64bit: - [2018/09/15 00:28:15 | 000,171,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C) DRV:64bit: - [2018/09/15 00:28:15 | 000,119,608 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2018/09/15 00:28:15 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C) DRV:64bit: - [2018/09/15 00:28:15 | 000,112,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys -- (iaLPSS2i_GPIO2_CNL) DRV:64bit: - [2018/09/15 00:28:15 | 000,096,256 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys -- (iaLPSS2i_GPIO2_GLK) DRV:64bit: - [2018/09/15 00:28:15 | 000,093,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys -- (iaLPSS2i_GPIO2_BXT_P) DRV:64bit: - [2018/09/15 00:28:15 | 000,091,136 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c) DRV:64bit: - [2018/09/15 00:28:15 | 000,079,360 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2) DRV:64bit: - [2018/09/15 00:28:15 | 000,063,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CAD.sys -- (CAD) DRV:64bit: - [2018/09/15 00:28:15 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid) DRV:64bit: - [2018/09/15 00:28:15 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys -- (CompositeBus) DRV:64bit: - [2018/09/15 00:28:15 | 000,036,352 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio) DRV:64bit: - [2018/04/26 13:06:58 | 000,035,560 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleLowerFilter.sys -- (AppleLowerFilter) DRV:64bit: - [2018/04/26 13:06:58 | 000,020,640 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AppleKmdfFilter.sys -- (AppleKmdfFilter) DRV:64bit: - [2018/02/01 13:14:12 | 017,036,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\nvhdc.inf_amd64_2707c70d42c54b4e\nvlddmkm.sys -- (nvlddmkm) DRV:64bit: - [2018/02/01 13:13:06 | 000,235,432 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2016/01/19 22:50:38 | 000,202,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64) DRV:64bit: - [2015/12/09 14:19:58 | 000,095,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2010/03/23 02:39:20 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010/03/19 02:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2018/09/15 00:29:12 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\afunix.sys -- (afunix) DRV - [2018/09/15 00:28:18 | 000,068,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys -- (BasicDisplay) DRV - [2018/09/15 00:28:18 | 000,037,376 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys -- (BasicRender) DRV - [2018/09/15 00:28:17 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys -- (swenum) DRV - [2018/09/15 00:28:15 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys -- (CompositeBus) DRV - [2018/02/01 13:14:12 | 017,036,560 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_2707c70d42c54b4e\nvlddmkm.sys -- (nvlddmkm) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.bing.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 11 5A FB A5 F6 87 D4 01 [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 19 00 00 00 AB 7F 23 16 AA FF D2 DA 0E B9 B7 CF 3B 3F B6 45 BD 9C 94 8B 08 9A 4E A9 7E 02 00 00 00 0E 00 00 00 65 34 6E 4F 41 32 39 76 78 46 59 25 33 64 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll (Google Inc.) ========== Chrome ========== CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\ O1 HOSTS File: ([2019/02/04 10:03:07 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software) O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation) O4 - HKLM..\Run: [Avast Business CloudCare] C:\Program Files (x86)\AVAST Software\Business Agent\AvastTrayApp.exe (AVAST Software) O4 - HKCU..\Run: [OneDrive] C:\Users\Cammy\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0489d0a9-603d-4d8b-8f0d-f9de7357e1b3}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2019/02/19 15:42:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Cammy\Desktop\OTL.com [2019/02/19 14:02:38 | 000,072,864 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2019/02/19 14:02:35 | 000,127,136 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys [2019/02/19 14:02:35 | 000,114,040 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys [2019/02/19 14:02:34 | 000,198,512 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys [2019/02/19 14:02:27 | 000,274,416 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys [2019/02/19 14:02:25 | 000,020,936 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys [2019/02/19 14:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [2019/02/19 14:02:22 | 000,153,328 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys [2019/02/19 13:49:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2019/02/19 13:12:04 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp [2019/02/19 12:51:22 | 000,000,000 | ---D | C] -- C:\Users\Cammy\Documents\Remote Assistance Logs [2019/02/18 15:17:59 | 000,000,000 | ---D | C] -- C:\Users\Cammy\Documents\New folder [2019/02/17 15:34:58 | 000,378,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\SysNative\aswBoot.exe [2019/02/13 18:41:39 | 000,000,000 | ---D | C] -- C:\Users\Cammy\Desktop\4.20.2019 Whitney Rae Lewis Baby Shower [2019/02/13 05:51:55 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSFlacDecoder.dll [2019/02/13 05:51:54 | 005,440,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2019/02/13 05:51:54 | 005,112,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2019/02/13 05:51:54 | 003,550,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2019/02/13 05:51:54 | 002,469,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2019/02/13 05:51:54 | 002,323,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll [2019/02/13 05:51:54 | 001,289,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll [2019/02/13 05:51:54 | 001,282,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll [2019/02/13 05:51:54 | 001,200,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll [2019/02/13 05:51:54 | 000,762,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll [2019/02/13 05:51:54 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSFlacDecoder.dll [2019/02/13 05:51:54 | 000,421,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll [2019/02/13 05:51:54 | 000,263,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll [2019/02/13 05:51:53 | 007,724,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2019/02/13 05:51:53 | 002,278,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll [2019/02/13 05:51:53 | 001,259,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi [2019/02/13 05:51:48 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MixedReality.Broker.dll [2019/02/13 05:51:47 | 019,284,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll [2019/02/13 05:51:47 | 001,309,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll [2019/02/13 05:51:47 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll [2019/02/13 05:51:46 | 007,897,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2019/02/13 05:51:46 | 002,392,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll [2019/02/13 05:51:46 | 001,311,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll [2019/02/13 05:51:45 | 000,663,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll [2019/02/13 05:51:44 | 020,812,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2019/02/13 05:51:44 | 008,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2019/02/13 05:51:44 | 006,070,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2019/02/13 05:51:44 | 002,942,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll [2019/02/13 05:51:44 | 000,833,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll [2019/02/13 05:51:44 | 000,794,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll [2019/02/13 05:51:44 | 000,742,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll [2019/02/13 05:51:44 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll [2019/02/13 05:51:44 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll [2019/02/13 05:51:44 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll [2019/02/13 05:51:44 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll [2019/02/13 05:51:44 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceAgent.exe [2019/02/13 05:51:44 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlahc.dll [2019/02/13 05:51:43 | 002,298,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll [2019/02/13 05:51:43 | 001,783,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll [2019/02/13 05:51:43 | 001,224,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2019/02/13 05:51:43 | 000,522,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe [2019/02/13 05:51:43 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll [2019/02/13 05:51:43 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngOnline.dll [2019/02/13 05:51:43 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PktMon.exe [2019/02/13 05:51:42 | 007,883,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2019/02/13 05:51:42 | 004,885,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2019/02/13 05:51:42 | 004,688,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2019/02/13 05:51:41 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll [2019/02/13 05:51:40 | 026,807,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2019/02/13 05:51:40 | 001,309,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll [2019/02/13 05:51:39 | 003,656,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll [2019/02/13 05:51:39 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll [2019/02/13 05:51:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll [2019/02/13 05:51:38 | 001,387,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll [2019/02/13 05:51:38 | 001,047,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll [2019/02/13 05:51:38 | 000,913,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll [2019/02/13 05:51:38 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll [2019/02/13 05:51:38 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll [2019/02/13 05:51:38 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasppp.dll [2019/02/13 05:51:38 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupcln.dll [2019/02/13 05:51:36 | 006,540,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll [2019/02/13 05:51:36 | 001,484,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll [2019/02/13 05:51:36 | 001,467,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll [2019/02/13 05:51:36 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll [2019/02/13 05:51:36 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincredui.dll [2019/02/13 05:51:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll [2019/02/13 05:51:36 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nslookup.exe [2019/02/13 05:51:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf3216.dll [2019/02/13 05:51:35 | 005,205,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll [2019/02/13 05:51:35 | 001,720,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll [2019/02/13 05:51:35 | 001,168,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll [2019/02/13 05:51:35 | 000,652,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll [2019/02/13 05:51:35 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll [2019/02/13 05:51:35 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll [2019/02/13 05:51:35 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll [2019/02/13 05:51:35 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spopk.dll [2019/02/13 05:51:35 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll [2019/02/13 05:51:34 | 015,224,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2019/02/13 05:51:34 | 002,689,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll [2019/02/13 05:51:34 | 001,700,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll [2019/02/13 05:51:34 | 001,671,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll [2019/02/13 05:51:34 | 001,271,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll [2019/02/13 05:51:34 | 001,254,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll [2019/02/13 05:51:34 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll [2019/02/13 05:51:34 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [2019/02/13 05:51:34 | 000,091,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll [2019/02/13 05:51:33 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincredui.dll [2019/02/13 05:51:33 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nslookup.exe [2019/02/13 05:51:32 | 001,994,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2019/02/13 05:51:32 | 000,475,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2019/02/13 05:51:32 | 000,430,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys [2019/02/13 05:51:32 | 000,121,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll [2019/02/13 05:51:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll [2019/02/13 05:51:31 | 002,702,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2019/02/13 05:51:31 | 000,588,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys [2019/02/13 05:51:31 | 000,146,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smss.exe [2019/02/13 05:51:30 | 001,467,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2019/02/13 05:51:30 | 001,446,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42u.dll [2019/02/13 05:51:30 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42.dll [2019/02/13 05:51:30 | 001,341,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2019/02/13 05:51:30 | 001,178,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2019/02/13 05:51:30 | 001,010,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\refsutil.exe [2019/02/13 05:51:30 | 000,982,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refsv1.sys [2019/02/13 05:51:30 | 000,800,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll [2019/02/13 05:51:30 | 000,726,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll [2019/02/13 05:51:30 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spopk.dll [2019/02/13 05:51:29 | 001,969,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys [2019/02/13 05:51:29 | 001,696,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2019/02/13 05:51:29 | 000,700,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Language.dll [2019/02/13 05:51:29 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll [2019/02/13 05:51:29 | 000,494,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Activities.dll [2019/02/13 05:51:28 | 005,565,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll [2019/02/13 05:51:28 | 004,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll [2019/02/13 05:51:28 | 001,314,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll [2019/02/13 05:51:28 | 000,496,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe [2019/02/13 05:51:28 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll [2019/02/13 05:51:28 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll [2019/02/13 05:51:27 | 004,702,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll [2019/02/13 05:51:27 | 004,298,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2019/02/13 05:51:27 | 001,641,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2019/02/13 05:51:27 | 000,954,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll [2019/02/13 05:51:27 | 000,887,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll [2019/02/13 05:51:27 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2019/02/13 05:51:27 | 000,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll [2019/02/13 05:51:27 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll [2019/02/13 05:51:27 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll [2019/02/13 05:51:27 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.OneCore.dll [2019/02/13 05:51:27 | 000,305,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasppp.dll [2019/02/13 05:51:27 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasman.dll [2019/02/13 05:51:27 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcln.dll [2019/02/13 05:51:27 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpkinstall.exe [2019/02/13 05:51:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll [2019/02/13 05:51:26 | 009,683,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2019/02/13 05:51:26 | 003,982,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll [2019/02/13 05:51:26 | 003,662,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2019/02/13 05:51:26 | 001,715,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll [2019/02/13 05:51:26 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BTAGService.dll [2019/02/13 05:51:26 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll [2019/02/13 05:51:26 | 000,494,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll [2019/02/13 05:51:26 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll [2019/02/13 05:51:26 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll [2019/02/13 05:51:26 | 000,074,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WindowsTrustedRT.sys [2019/02/13 05:51:25 | 007,645,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll [2019/02/13 05:51:25 | 005,527,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll [2019/02/13 05:51:25 | 002,488,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2019/02/13 05:51:25 | 001,533,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll [2019/02/13 05:51:25 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll [2019/02/13 05:51:25 | 001,032,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll [2019/02/13 05:51:25 | 000,864,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe [2019/02/13 05:51:25 | 000,820,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll [2019/02/13 05:51:25 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll [2019/02/13 05:51:25 | 000,097,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys [2019/02/13 05:51:24 | 003,386,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2019/02/13 05:51:24 | 002,187,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll [2019/02/13 05:51:24 | 001,604,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll [2019/02/13 05:51:24 | 001,054,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe [2019/02/13 05:51:23 | 005,561,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll [2019/02/13 05:51:23 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll [2019/02/13 05:51:22 | 017,520,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2019/02/13 05:51:22 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2019/02/13 05:51:22 | 001,700,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll [2019/02/13 05:51:22 | 001,331,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll [2019/02/13 05:51:22 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2019/02/13 05:51:22 | 000,604,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe [2019/02/13 05:51:22 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSrv.exe [2019/02/13 05:51:22 | 000,157,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2019/02/13 05:51:22 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [2019/02/13 05:51:22 | 000,114,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll [2019/02/13 05:51:22 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpo-overrides.dll [2019/02/13 05:51:22 | 000,047,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe [2019/02/13 05:51:21 | 003,556,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll [2019/02/13 05:51:21 | 002,766,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll [2019/02/13 05:51:21 | 001,209,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll [2019/02/13 05:51:21 | 000,970,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll [2019/02/13 05:51:21 | 000,956,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2019/02/13 05:51:21 | 000,850,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll [2019/02/13 05:51:21 | 000,741,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll [2019/02/13 05:51:21 | 000,651,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe [2019/02/13 05:51:21 | 000,612,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2019/02/13 05:51:21 | 000,527,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe [2019/02/13 05:51:21 | 000,506,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll [2019/02/13 05:51:21 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe [2019/02/13 05:51:21 | 000,375,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe [2019/02/13 05:51:21 | 000,276,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTF.dll [2019/02/13 05:51:21 | 000,203,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll [2019/02/13 05:51:21 | 000,202,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MTF.dll [2019/02/13 05:51:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll [2019/02/13 05:51:21 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll [2019/02/13 05:51:20 | 004,991,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll [2019/02/13 05:51:20 | 002,721,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2019/02/13 05:51:20 | 002,149,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll [2019/02/13 05:51:20 | 000,865,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll [2019/02/13 05:51:20 | 000,822,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll [2019/02/13 05:51:20 | 000,799,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll [2019/02/13 05:51:20 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll [2019/02/13 05:51:20 | 000,394,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll [2019/02/13 05:51:20 | 000,353,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll [2019/02/13 05:51:20 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll [2019/02/13 05:51:20 | 000,217,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll [2019/02/13 05:51:20 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll [2019/02/13 05:51:20 | 000,195,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll [2019/02/13 05:51:20 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll [2019/02/13 05:51:20 | 000,039,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NtlmShared.dll [2019/02/13 05:51:20 | 000,033,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NtlmShared.dll [2019/02/13 05:51:19 | 001,255,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2019/02/13 05:51:19 | 001,050,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2019/02/13 05:51:19 | 000,651,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys [2019/02/13 05:51:19 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll [2019/02/13 05:51:19 | 000,298,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2019/02/13 05:51:19 | 000,195,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys [2019/02/13 05:51:19 | 000,193,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2019/02/13 05:51:19 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll [2019/02/13 05:51:19 | 000,132,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys [2019/02/13 05:51:19 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys [2019/02/13 05:51:19 | 000,090,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll [2019/02/13 05:51:19 | 000,080,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys [2019/02/13 05:51:19 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys [2019/02/10 17:53:53 | 000,000,000 | ---D | C] -- C:\Users\Cammy\Desktop\2.19.2019 Candy Shanks 2 cakes [2019/01/31 11:59:50 | 000,000,000 | ---D | C] -- C:\Users\Cammy\Desktop\2.25.2019 Wendy Hubbell BD [2019/01/31 06:12:12 | 000,000,000 | ---D | C] -- C:\Users\Cammy\Desktop\3.3.2019 Maxine Bendixen BD ========== Files - Modified Within 30 Days ========== [2019/02/19 15:33:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Cammy\Desktop\OTL.com [2019/02/19 14:02:51 | 000,795,988 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2019/02/19 14:02:51 | 000,675,384 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2019/02/19 14:02:51 | 000,125,494 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2019/02/19 14:02:38 | 000,072,864 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2019/02/19 14:02:35 | 000,127,136 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys [2019/02/19 14:02:35 | 000,114,040 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys [2019/02/19 14:02:34 | 000,198,512 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys [2019/02/19 14:02:27 | 000,274,416 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys [2019/02/19 14:02:24 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk [2019/02/19 13:59:11 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2019/02/19 13:57:10 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys [2019/02/19 13:57:09 | 3428,642,816 | -HS- | M] () -- C:\hiberfil.sys [2019/02/19 13:17:23 | 000,006,194 | ---- | M] () -- C:\Users\Cammy\Documents\Invitation.msrcIncident [2019/02/19 05:57:34 | 000,124,407 | ---- | M] () -- C:\Users\Cammy\Desktop\51794254_10157035363055645_4002565072084795392_n.jpg [2019/02/19 05:25:26 | 000,327,846 | ---- | M] () -- C:\Users\Cammy\Desktop\Bronco's Cake.jpg [2019/02/18 18:48:24 | 000,470,863 | ---- | M] () -- C:\Users\Cammy\Desktop\Scooby cake.jpg [2019/02/16 06:31:08 | 000,025,884 | ---- | M] () -- C:\Users\Cammy\Desktop\Tweety.jpg [2019/02/13 08:47:40 | 000,475,408 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2019/02/13 05:51:55 | 002,323,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll [2019/02/13 05:51:55 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSFlacDecoder.dll [2019/02/13 05:51:54 | 005,440,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll [2019/02/13 05:51:54 | 005,112,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll [2019/02/13 05:51:54 | 003,550,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll [2019/02/13 05:51:54 | 002,469,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll [2019/02/13 05:51:54 | 001,289,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll [2019/02/13 05:51:54 | 001,282,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll [2019/02/13 05:51:54 | 001,200,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll [2019/02/13 05:51:54 | 000,762,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll [2019/02/13 05:51:54 | 000,427,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSFlacDecoder.dll [2019/02/13 05:51:54 | 000,421,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll [2019/02/13 05:51:54 | 000,263,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll [2019/02/13 05:51:53 | 007,724,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll [2019/02/13 05:51:53 | 002,278,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll [2019/02/13 05:51:53 | 001,259,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecConfig.efi [2019/02/13 05:51:48 | 019,284,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll [2019/02/13 05:51:48 | 000,429,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MixedReality.Broker.dll [2019/02/13 05:51:47 | 007,897,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2019/02/13 05:51:47 | 001,309,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll [2019/02/13 05:51:47 | 000,829,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll [2019/02/13 05:51:46 | 002,392,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcGenral.dll [2019/02/13 05:51:46 | 001,311,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msjet40.dll [2019/02/13 05:51:45 | 020,812,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll [2019/02/13 05:51:45 | 000,663,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll [2019/02/13 05:51:44 | 008,875,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2019/02/13 05:51:44 | 006,070,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll [2019/02/13 05:51:44 | 002,942,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll [2019/02/13 05:51:44 | 000,833,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll [2019/02/13 05:51:44 | 000,794,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll [2019/02/13 05:51:44 | 000,742,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll [2019/02/13 05:51:44 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll [2019/02/13 05:51:44 | 000,352,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd3x40.dll [2019/02/13 05:51:44 | 000,349,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcGenral.dll [2019/02/13 05:51:44 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrd2x40.dll [2019/02/13 05:51:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceAgent.exe [2019/02/13 05:51:44 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nlahc.dll [2019/02/13 05:51:43 | 004,688,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll [2019/02/13 05:51:43 | 002,298,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll [2019/02/13 05:51:43 | 001,783,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll [2019/02/13 05:51:43 | 001,224,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2019/02/13 05:51:43 | 000,522,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\systemreset.exe [2019/02/13 05:51:43 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll [2019/02/13 05:51:43 | 000,241,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngOnline.dll [2019/02/13 05:51:43 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PktMon.exe [2019/02/13 05:51:42 | 007,883,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll [2019/02/13 05:51:42 | 004,885,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2019/02/13 05:51:41 | 026,807,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll [2019/02/13 05:51:41 | 000,912,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll [2019/02/13 05:51:40 | 001,309,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll [2019/02/13 05:51:39 | 003,656,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll [2019/02/13 05:51:39 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll [2019/02/13 05:51:39 | 000,622,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll [2019/02/13 05:51:39 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spacebridge.dll [2019/02/13 05:51:38 | 001,387,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvruserservice.dll [2019/02/13 05:51:38 | 000,913,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Graphics.Display.DisplayEnhancementService.dll [2019/02/13 05:51:38 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll [2019/02/13 05:51:38 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll [2019/02/13 05:51:38 | 000,284,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasppp.dll [2019/02/13 05:51:38 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupcln.dll [2019/02/13 05:51:36 | 006,540,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll [2019/02/13 05:51:36 | 001,484,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll [2019/02/13 05:51:36 | 001,467,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll [2019/02/13 05:51:36 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll [2019/02/13 05:51:36 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincredui.dll [2019/02/13 05:51:36 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll [2019/02/13 05:51:36 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nslookup.exe [2019/02/13 05:51:36 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mf3216.dll [2019/02/13 05:51:35 | 015,224,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2019/02/13 05:51:35 | 005,205,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll [2019/02/13 05:51:35 | 001,720,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll [2019/02/13 05:51:35 | 001,168,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll [2019/02/13 05:51:35 | 000,652,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll [2019/02/13 05:51:35 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll [2019/02/13 05:51:35 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TileDataRepository.dll [2019/02/13 05:51:35 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryUpgrade.dll [2019/02/13 05:51:35 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spopk.dll [2019/02/13 05:51:35 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll [2019/02/13 05:51:34 | 002,689,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebRuntimeManager.dll [2019/02/13 05:51:34 | 001,700,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll [2019/02/13 05:51:34 | 001,671,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll [2019/02/13 05:51:34 | 001,271,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ContentDeliveryManager.Utilities.dll [2019/02/13 05:51:34 | 001,254,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll [2019/02/13 05:51:34 | 000,787,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll [2019/02/13 05:51:34 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [2019/02/13 05:51:34 | 000,091,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CompPkgSup.dll [2019/02/13 05:51:33 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincredui.dll [2019/02/13 05:51:33 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nslookup.exe [2019/02/13 05:51:32 | 001,994,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll [2019/02/13 05:51:32 | 000,475,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2019/02/13 05:51:32 | 000,430,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys [2019/02/13 05:51:32 | 000,121,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll [2019/02/13 05:51:32 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf3216.dll [2019/02/13 05:51:31 | 002,702,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll [2019/02/13 05:51:31 | 000,588,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys [2019/02/13 05:51:31 | 000,146,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smss.exe [2019/02/13 05:51:30 | 001,696,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi [2019/02/13 05:51:30 | 001,467,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe [2019/02/13 05:51:30 | 001,446,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42u.dll [2019/02/13 05:51:30 | 001,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfc42.dll [2019/02/13 05:51:30 | 001,341,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi [2019/02/13 05:51:30 | 001,178,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe [2019/02/13 05:51:30 | 001,010,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\refsutil.exe [2019/02/13 05:51:30 | 000,982,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refsv1.sys [2019/02/13 05:51:30 | 000,800,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll [2019/02/13 05:51:30 | 000,726,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll [2019/02/13 05:51:30 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spopk.dll [2019/02/13 05:51:29 | 001,969,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\refs.sys [2019/02/13 05:51:29 | 000,700,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_Language.dll [2019/02/13 05:51:29 | 000,553,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll [2019/02/13 05:51:29 | 000,494,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Activities.dll [2019/02/13 05:51:28 | 005,565,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll [2019/02/13 05:51:28 | 004,019,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll [2019/02/13 05:51:28 | 001,314,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationController.dll [2019/02/13 05:51:28 | 000,496,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe [2019/02/13 05:51:28 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll [2019/02/13 05:51:28 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationControllerPS.dll [2019/02/13 05:51:27 | 009,683,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2019/02/13 05:51:27 | 004,702,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupapi.dll [2019/02/13 05:51:27 | 004,298,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll [2019/02/13 05:51:27 | 001,641,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2019/02/13 05:51:27 | 000,954,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll [2019/02/13 05:51:27 | 000,887,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll [2019/02/13 05:51:27 | 000,684,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll [2019/02/13 05:51:27 | 000,577,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll [2019/02/13 05:51:27 | 000,516,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll [2019/02/13 05:51:27 | 000,407,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll [2019/02/13 05:51:27 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Cortana.OneCore.dll [2019/02/13 05:51:27 | 000,305,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasppp.dll [2019/02/13 05:51:27 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasman.dll [2019/02/13 05:51:27 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcln.dll [2019/02/13 05:51:27 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpkinstall.exe [2019/02/13 05:51:27 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\npmproxy.dll [2019/02/13 05:51:26 | 003,982,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll [2019/02/13 05:51:26 | 003,662,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys [2019/02/13 05:51:26 | 001,715,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll [2019/02/13 05:51:26 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BTAGService.dll [2019/02/13 05:51:26 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TileDataRepository.dll [2019/02/13 05:51:26 | 000,494,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll [2019/02/13 05:51:26 | 000,433,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorService.dll [2019/02/13 05:51:26 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll [2019/02/13 05:51:26 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\SensorsCx.dll [2019/02/13 05:51:26 | 000,074,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WindowsTrustedRT.sys [2019/02/13 05:51:25 | 007,645,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll [2019/02/13 05:51:25 | 005,527,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll [2019/02/13 05:51:25 | 002,488,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys [2019/02/13 05:51:25 | 001,533,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll [2019/02/13 05:51:25 | 001,462,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll [2019/02/13 05:51:25 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll [2019/02/13 05:51:25 | 000,864,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe [2019/02/13 05:51:25 | 000,820,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll [2019/02/13 05:51:25 | 000,775,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\NfcCx.dll [2019/02/13 05:51:25 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll [2019/02/13 05:51:25 | 000,097,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys [2019/02/13 05:51:24 | 003,386,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll [2019/02/13 05:51:24 | 002,187,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll [2019/02/13 05:51:24 | 001,604,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll [2019/02/13 05:51:24 | 001,054,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe [2019/02/13 05:51:23 | 017,520,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll [2019/02/13 05:51:23 | 005,561,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll [2019/02/13 05:51:23 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll [2019/02/13 05:51:23 | 000,148,480 | ---- | M] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe [2019/02/13 05:51:22 | 002,085,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll [2019/02/13 05:51:22 | 001,700,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll [2019/02/13 05:51:22 | 001,331,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll [2019/02/13 05:51:22 | 000,744,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll [2019/02/13 05:51:22 | 000,604,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe [2019/02/13 05:51:22 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSrv.exe [2019/02/13 05:51:22 | 000,157,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2019/02/13 05:51:22 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [2019/02/13 05:51:22 | 000,114,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CompPkgSup.dll [2019/02/13 05:51:22 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpo-overrides.dll [2019/02/13 05:51:22 | 000,047,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe [2019/02/13 05:51:21 | 003,556,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll [2019/02/13 05:51:21 | 002,766,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll [2019/02/13 05:51:21 | 001,209,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll [2019/02/13 05:51:21 | 000,970,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll [2019/02/13 05:51:21 | 000,956,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusUpdateHandlers.dll [2019/02/13 05:51:21 | 000,850,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll [2019/02/13 05:51:21 | 000,741,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll [2019/02/13 05:51:21 | 000,651,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe [2019/02/13 05:51:21 | 000,612,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2019/02/13 05:51:21 | 000,527,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe [2019/02/13 05:51:21 | 000,506,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll [2019/02/13 05:51:21 | 000,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotificationUx.exe [2019/02/13 05:51:21 | 000,375,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotifyIcon.exe [2019/02/13 05:51:21 | 000,276,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MTF.dll [2019/02/13 05:51:21 | 000,203,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll [2019/02/13 05:51:21 | 000,202,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MTF.dll [2019/02/13 05:51:21 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhosdeployment.dll [2019/02/13 05:51:21 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\musdialoghandlers.dll [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth8.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth7.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth6.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth5.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth4.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth3.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth2.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuth1.bin [2019/02/13 05:51:20 | 004,991,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll [2019/02/13 05:51:20 | 002,721,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys [2019/02/13 05:51:20 | 002,149,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll [2019/02/13 05:51:20 | 000,865,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll [2019/02/13 05:51:20 | 000,822,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll [2019/02/13 05:51:20 | 000,799,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll [2019/02/13 05:51:20 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll [2019/02/13 05:51:20 | 000,394,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll [2019/02/13 05:51:20 | 000,353,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll [2019/02/13 05:51:20 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll [2019/02/13 05:51:20 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll [2019/02/13 05:51:20 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netiohlp.dll [2019/02/13 05:51:20 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryUpgrade.dll [2019/02/13 05:51:20 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spacebridge.dll [2019/02/13 05:51:20 | 000,039,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NtlmShared.dll [2019/02/13 05:51:20 | 000,033,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NtlmShared.dll [2019/02/13 05:51:19 | 001,255,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe [2019/02/13 05:51:19 | 001,050,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe [2019/02/13 05:51:19 | 000,651,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys [2019/02/13 05:51:19 | 000,461,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll [2019/02/13 05:51:19 | 000,298,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2019/02/13 05:51:19 | 000,195,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spacedump.sys [2019/02/13 05:51:19 | 000,193,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2019/02/13 05:51:19 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netiohlp.dll [2019/02/13 05:51:19 | 000,132,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys [2019/02/13 05:51:19 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys [2019/02/13 05:51:19 | 000,090,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll [2019/02/13 05:51:19 | 000,080,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\vpci.sys [2019/02/13 05:51:19 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys [2019/02/13 05:51:19 | 000,000,072 | ---- | M] () -- C:\WINDOWS\SysNative\edgehtmlpluginpolicy.bin [2019/02/07 16:28:03 | 000,143,830 | ---- | M] () -- C:\Users\Cammy\Desktop\cake box pricing.jpg [2019/02/04 18:22:48 | 000,049,060 | ---- | M] () -- C:\Users\Cammy\Desktop\51308413_2096442227102686_3382061483155259392_n.jpg [2019/02/02 11:40:12 | 000,033,522 | ---- | M] () -- C:\Users\Cammy\Desktop\49476287_2557946074234878_3411869402298056704_n.jpg [2019/02/01 15:31:13 | 000,835,480 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2019/02/01 15:31:12 | 000,179,600 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2019/02/01 11:20:22 | 000,020,936 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys ========== Files Created - No Company Name ========== [2019/02/19 14:02:24 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk [2019/02/19 12:51:22 | 000,006,194 | ---- | C] () -- C:\Users\Cammy\Documents\Invitation.msrcIncident [2019/02/19 05:57:34 | 000,124,407 | ---- | C] () -- C:\Users\Cammy\Desktop\51794254_10157035363055645_4002565072084795392_n.jpg [2019/02/19 05:25:26 | 000,327,846 | ---- | C] () -- C:\Users\Cammy\Desktop\Bronco's Cake.jpg [2019/02/18 18:48:23 | 000,470,863 | ---- | C] () -- C:\Users\Cammy\Desktop\Scooby cake.jpg [2019/02/16 06:31:08 | 000,025,884 | ---- | C] () -- C:\Users\Cammy\Desktop\Tweety.jpg [2019/02/13 05:51:23 | 000,148,480 | ---- | C] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth8.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth7.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth6.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth5.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth4.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth3.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth2.bin [2019/02/13 05:51:21 | 000,000,315 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuth1.bin [2019/02/13 05:51:19 | 000,000,072 | ---- | C] () -- C:\WINDOWS\SysNative\edgehtmlpluginpolicy.bin [2019/02/07 16:28:03 | 000,143,830 | ---- | C] () -- C:\Users\Cammy\Desktop\cake box pricing.jpg [2019/02/04 18:22:47 | 000,049,060 | ---- | C] () -- C:\Users\Cammy\Desktop\51308413_2096442227102686_3382061483155259392_n.jpg [2019/02/02 11:40:11 | 000,033,522 | ---- | C] () -- C:\Users\Cammy\Desktop\49476287_2557946074234878_3411869402298056704_n.jpg [2018/12/28 09:32:46 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2018/09/15 00:31:37 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2018/09/15 00:31:37 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config [2018/09/15 00:31:37 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2018/09/15 00:29:33 | 000,018,716 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat [2018/09/15 00:29:28 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2018/09/15 00:29:27 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2018/09/15 00:29:07 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini [2018/09/15 00:29:05 | 003,576,320 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll [2018/09/15 00:29:05 | 000,591,840 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll [2018/09/15 00:29:05 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat [2018/09/15 00:29:03 | 000,205,312 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll [2018/09/15 00:29:03 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll [2018/09/15 00:29:03 | 000,063,488 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll [2018/09/15 00:29:03 | 000,025,600 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe [2018/09/15 00:29:00 | 000,327,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll [2018/09/15 00:28:57 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2018/09/15 00:28:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2018/05/21 06:22:34 | 000,624,619 | ---- | C] () -- C:\Users\Cammy\DSCN5555.jpg ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\windows.storage.dll -- [2018/12/28 09:30:11 | 007,685,016 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\windows.storage.dll -- [2018/12/28 09:30:27 | 006,306,152 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2018/09/15 00:28:26 | 000,969,216 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2018/09/15 00:29:00 | 000,787,456 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2018/09/15 00:28:29 | 000,518,144 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 260 bytes -> C:\Users\Cammy\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity < End of report > Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Good Morning Chuck...I just attached a couple of docs that came up on my desk top after we stopped yesterday...Hopefully they are what you were looking for. Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 Morning Cammy, i posted your logs, this makes them easier for me to read, i will be back in 10 minutes with a final fix !! Chuck Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Okay...thank you Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 Cammy, We need to Run an OTL fix !! Warning This fix is only relevant for this system and no other, using on another computer may cause problems. Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot * Double-click OTL.exe to start the program. * Copy and Paste the following code below ......... Start with and include the colon plus :OTL Copy everything in RED and Paste into the box in the OTL program !! :OTL IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRCIE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\ CHR - Extension: No name found = C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\ O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O18 - Protocol\Handler\ms-help - No CLSID value found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. @ Alternate Data Stream - 260 bytes -> C:\Users\Cam my\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRoo tIdentity :Commands [emptyjava] [emptyflash] [EMPTYTEMP] [RESETHOSTS] [CREATERESTOREPOINT] [Reboot] # Then click the Run Fix button at the top. # Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format. Remember to enable your real time protection. Post that log next ! Thanks Chuck Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Can you show me where to post that link? I posted the link in the box at the bottom where it says Custom Scans/Fixes. Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 (edited) How do I enable real time protection? Edited February 20, 2019 by CammyKretschmar Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 That is your antivirus ..... but just make sure it's turned on !! Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Yes, my antivirus is turned on... Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 It is done, asking if it is okay to reboot Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 Good, i just need to see the OTL fix log to make sure all got removed !! Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 No log came up.... Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 Ok type OTL in your search function & see if it pops up !!Open them till you find it ! Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 All processes killed ========== OTL ========== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\he folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\es_419 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\en_US folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\en_GB folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\he folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\es_419 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\en_US folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\en_GB folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\he folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\es_419 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\en_US folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\en_GB folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\zu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\zh_HK folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ur folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\te folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ta folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\sw folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\si folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\pa folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ne folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\mr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\mn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ml folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\lo folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\kn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\km folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\kk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ka folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\iw folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\is folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\hy folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\gu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\gl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\fr_CA folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\fa folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\eu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\es_419 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\en_US folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\en_GB folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\en folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\bn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\be folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\az folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\am folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales\af folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0\resources folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.7_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\nb folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\es_419 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\en_GB folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\en folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\images folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\html folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0\css folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.4_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\zh folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\te folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ta folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\sw folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\pt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\nb folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\mr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ml folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\kn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\iw folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\gu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\fa folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\en folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\bn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales\am folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0\cast_setup folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7118.1015.0.0_0 folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_metadata folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\zh_TW folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\zh folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\vi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\uk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\tr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\th folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\te folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ta folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\sw folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\sv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\sr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\sl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\sk folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ru folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ro folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\pt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\pl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\nl folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\nb folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ms folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\mr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ml folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\lv folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\lt folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ko folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\kn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ja folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\iw folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\it folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\id folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\hu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\hr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\hi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\gu folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\fr folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\fil folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\fi folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\fa folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\et folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\es folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\en folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\el folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\de folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\da folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\cs folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ca folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\bn folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\bg folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\ar folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales\am folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\_locales folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0\cast_setup folder moved successfully. C:\Users\Cammy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\7218.1203.0.0_0 folder moved successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Unable to delete ADS C:\Users\Cam my\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRoo tIdentity . ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Cammy User: Default User: Default User User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Cammy ->Flash cache emptied: 10415 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0.00 mb [EMPTYTEMP] User: All Users User: Cammy ->Temp folder emptied: 45175787 bytes ->Temporary Internet Files folder emptied: 12406445 bytes ->FireFox cache emptied: 101476127 bytes ->Google Chrome cache emptied: 392874475 bytes ->Flash cache emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytesWindows Temp folder emptied: 2815370 bytes RecycleBin emptied: 3599675 bytes Total Files Cleaned = 532.00 mb C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully Restore point Set: OTL Restore Point OTL by OldTimer - Version 3.2.69.0 log created on 02202019_103441 Files\Folders moved on Reboot... File move failed. C:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot... Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Finally! Link to post Share on other sites
CammyKretschmar Posted February 20, 2019 Author Report Share Posted February 20, 2019 Is it okay for me to reboot my computer? Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 Yes reboot ! one more program Ok lets do some cleaning of tools/programs we used cleaning ! Clean up of Malware Removal Tools Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded. Download Delfix to your desktop and double click it to start the program here https://www.bleepingcomputer.com/download/delfix/ Ensure Remove disinfection tools is ticked Also tick: o Create registry backup o Purge system restore o Reset system settings o Click Run The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply. You can delete any log files left on your desktop as these are no longer needed. Link to post Share on other sites
flashh4 Posted February 20, 2019 Report Share Posted February 20, 2019 Congrats you are all clean ! Let me know how it's running, it may be a tad slow until it gets rebooted a few times ! Happy Surfing Chuck Link to post Share on other sites
Recommended Posts