Sponsored By

Recommended Posts

Howdy NathanWeil  and welcome to BestTechie !!!  

Howdy and welcome to BestTechie !!!  

My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

Run these 1 at a time & post each log as you get it ! Work them as your time permits you to !!

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

Perform all actions in the order given.

Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up !  

Do Not Remove anything or run any tools/programs until advised to do so !


Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections.  

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.  

===================================


AdwCleaner
       
Please download  http/toolslib.net/downloads/viewdownload/cleaner/  by Xplode onto your desktop.
Double click on AdwCleaner.exe to run the tool again.
       Windows XP : Double click on the icon to run it.

       Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

    *Click on the Scan button.
    *AdwCleaner will begin to scan your computer like it did before.
    *After the scan has finished .......
    
    This time, click on the "Clean" button.
    
    *Press OK when asked to close all programs and follow the onscreen prompts.
    *Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    *After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    *Copy and paste the contents of that logfile in your next reply.
    *A copy of that logfile will also be saved in the C:\AdwCleaner folder.


NEXT


    Please download http://thisdax.org/downloads/ Removal Tool and save to your desk top.

    Shut down your protection software now to avoid potential conflicts.

    * Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    * The tool will open and start scanning your system.
    * Please be patient as this can take a while to complete depending on your system's specifications.
    * On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    * Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!


NEXT


    Download the free version Malwarebytes' Anti-Malware (save it to your desktop).  >>> htt/www.malwarebytes.org/antimalware/
     
      * Windows XP : Double click on the icon to run it.
      *  Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
      
* On the Dashboard click on Update Now
* Go to the Setting Tab
* Under Setting go to Detection and Protection
* Under PUP and PUM make sure both are set to show Treat Detections as Malware
* Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
* Then on the Dashboard click on Scan
* Make sure to select THREAT SCAN
* Then click on Scan

When the scan is finished on the bottom right click on SAVE RESULTS then select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes
 

 

 


   
  
NEXT


Download DDS and save it to your Desktop.  >>> http://download.bleepingcomputer.com/sUBs/dds.com


    Double click dds.scr to run the tool.
    If using Vista or Windows 7 you will be prompted by UAC, please allow the prompt.
    DDS will now scan your computer.
    When the scan is complete, DDS will open two (2) logs:
        DDS.txt
        Attach.txt
    If not saved these logs will be automatically deleted when closed, so save both to your Desktop.
    Please note it is important that you post BOTH logs in your topic.


Please note: DDS will ask you to attach the second log (Attach.txt), please ignore this notice and post the log instead.


Post next:
1. AdwCleaner Log
2. Junkware Removal Log
3. Malwarebytes Log
4. DDS logs (2 logs)
Thanks
Chuck
 

Share this post


Link to post
Share on other sites

# AdwCleaner v6.047 - Logfile created 04/06/2017 at 21:10:52
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-02.2 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : Canaday - CANADAY
# Running from : C:\Users\Canaday\Downloads\adwcleaner_6.047.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

No malicious folders found.


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [995 Bytes] - [04/06/2017 21:10:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1067 Bytes] ##########

Share this post


Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64 
Ran by Canaday (Administrator) on Sun 06/04/2017 at 21:12:08.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 1 

Successfully deleted: C:\Users\Canaday\Documents\add-in express (Folder) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 06/04/2017 at 21:14:21.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Share this post


Link to post
Share on other sites

Nathan, Not find anything hardly to clean !!

Chuck

 

Share this post


Link to post
Share on other sites

Sometimes they run a little slow !!

 

Share this post


Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/4/17
Scan Time: 9:21 PM
Logfile: 
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.103
Update Package Version: 1.0.2086
License: Free

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: CANADAY\Canaday

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 299947
Time Elapsed: 7 min, 50 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Share this post


Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.14393.953
Run by Canaday at 21:30:09 on 2017-06-04
Microsoft Windows 10 Home  10.0.14393.0.1252.1.1033.18.4044.2146 [GMT -6:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\backgroundTaskHost.exe
svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{ffd20f85-3c28-477f-b084-b00bdbf25c13} : DHCPNameServer = 192.168.1.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-20 48992]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-11-20 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-11-20 227328]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2017-1-30 173472]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_293c5;CDPUserSvc_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 OneSyncSvc_293c5;Sync Host_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-11-20 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2011-3-29 317440]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-4-25 4355024]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2017-4-25 251832]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 PimIndexMaintenanceSvc_293c5;Contact Data_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\WINDOWS\System32\drivers\RtsPStor.sys [2015-10-16 384760]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2016-7-16 589824]
R3 SFEP;Sony Firmware Extension Parser;C:\WINDOWS\System32\drivers\SFEP.sys [2010-6-1 12032]
R3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 UnistoreSvc_293c5;User Data Storage_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_293c5;User Data Access_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-5-10 347320]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-11-20 118272]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-11-20 64352]
S3 MessagingService_293c5;MessagingService_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-5-10 114176]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-5-10 88416]
S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-4-25 1312768]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-11-20 81760]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-4-25 719872]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_293c5;Windows Push Notifications User Service_293c5;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-7-16 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-4-25 258560]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-11-20 43520]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
.
=============== Created Last 30 ================
.
2017-06-05 03:29:37    13020000    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3E5ADA77-20C4-48FF-B73B-8DF17192A6AD}\mpengine.dll
2017-06-05 03:08:52    --------    d-----w-    C:\AdwCleaner
2017-06-04 22:47:26    13020000    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-06-02 21:36:53    1167568    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7B2C831-9E3F-4724-94BA-92E291DDECBA}\gapaengine.dll
2017-05-19 04:17:28    131984    ----a-w-    C:\WINDOWS\System32\drivers\ssudbus.sys
2017-05-10 22:25:00    835576    ----a-w-    C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-05-10 22:25:00    177656    ----a-w-    C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-05-10 21:22:59    661504    ----a-w-    C:\WINDOWS\SysWow64\WpcWebFilter.dll
2017-05-10 21:15:03    73216    ----a-w-    C:\WINDOWS\System32\Windows.StateRepositoryBroker.dll
2017-05-10 21:14:59    88416    ----a-w-    C:\WINDOWS\System32\drivers\scmbus.sys
2017-05-10 21:12:59    998400    ----a-w-    C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2017-05-10 21:11:59    716800    ----a-w-    C:\WINDOWS\System32\ShareHost.dll
.
==================== Find3M  ====================
.
2017-06-05 03:19:44    251832    ----a-w-    C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2017-05-31 21:00:08    565416    ------w-    C:\WINDOWS\System32\MpSigStub.exe
2017-05-10 03:16:28    73728    ----a-w-    C:\WINDOWS\System32\WSManMigrationPlugin.dll
2017-04-28 01:28:15    965472    ----a-w-    C:\WINDOWS\SysWow64\ReAgent.dll
2017-04-28 01:01:16    2717184    ----a-w-    C:\WINDOWS\SysWow64\PrintConfig.dll
2017-04-28 00:59:55    601712    ----a-w-    C:\WINDOWS\SysWow64\oleaut32.dll
2017-04-28 00:58:48    1706488    ----a-w-    C:\WINDOWS\SysWow64\KernelBase.dll
2017-04-28 00:57:25    603488    ----a-w-    C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2017-04-28 00:57:07    794928    ----a-w-    C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2017-04-28 00:56:56    2048488    ----a-w-    C:\WINDOWS\SysWow64\CoreUIComponents.dll
2017-04-28 00:56:07    1117024    ----a-w-    C:\WINDOWS\System32\ReAgent.dll
2017-04-28 00:53:45    2213760    ----a-w-    C:\WINDOWS\System32\KernelBase.dll
2017-04-28 00:53:16    7784288    ----a-w-    C:\WINDOWS\System32\ntoskrnl.exe
2017-04-28 00:53:03    774224    ----a-w-    C:\WINDOWS\System32\oleaut32.dll
2017-04-28 00:52:51    2255712    ----a-w-    C:\WINDOWS\System32\drivers\ntfs.sys
2017-04-28 00:49:56    2681200    ----a-w-    C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-28 00:49:33    764392    ----a-w-    C:\WINDOWS\System32\CoreMessaging.dll
2017-04-28 00:48:25    263472    ----a-w-    C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
2017-04-28 00:47:56    699744    ----a-w-    C:\WINDOWS\System32\wimgapi.dll
2017-04-28 00:47:53    501088    ----a-w-    C:\WINDOWS\System32\spwizeng.dll
2017-04-28 00:46:14    410464    ----a-w-    C:\WINDOWS\System32\WinSetupUI.dll
2017-04-28 00:46:09    1504056    ----a-w-    C:\WINDOWS\SysWow64\WindowsCodecs.dll
2017-04-28 00:46:06    1431232    ----a-w-    C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
2017-04-28 00:46:03    5722320    ----a-w-    C:\WINDOWS\SysWow64\windows.storage.dll
2017-04-28 00:45:54    781144    ----a-w-    C:\WINDOWS\SysWow64\WWAHost.exe
2017-04-28 00:45:44    493920    ----a-w-    C:\WINDOWS\SysWow64\SettingSyncHost.exe
2017-04-28 00:45:44    116576    ----a-w-    C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
2017-04-28 00:45:33    861024    ----a-w-    C:\WINDOWS\SysWow64\LicenseManager.dll
2017-04-28 00:45:29    975744    ----a-w-    C:\WINDOWS\SysWow64\twinapi.appcore.dll
2017-04-28 00:44:26    62816    ----a-w-    C:\WINDOWS\System32\drivers\fsdepends.sys
2017-04-28 00:43:59    1980768    ----a-w-    C:\WINDOWS\SysWow64\msxml6.dll
2017-04-28 00:43:48    1557224    ----a-w-    C:\WINDOWS\SysWow64\crypt32.dll
2017-04-28 00:43:10    846560    ----a-w-    C:\WINDOWS\SysWow64\WinTypes.dll
2017-04-28 00:43:09    2168288    ----a-w-    C:\WINDOWS\SysWow64\combase.dll
2017-04-28 00:42:58    601952    ----a-w-    C:\WINDOWS\SysWow64\NetSetupEngine.dll
2017-04-28 00:42:53    328008    ----a-w-    C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
2017-04-28 00:42:44    526176    ----a-w-    C:\WINDOWS\System32\wimserv.exe
2017-04-28 00:41:08    361104    ----a-w-    C:\WINDOWS\SysWow64\tsmf.dll
2017-04-28 00:39:48    962760    ----a-w-    C:\WINDOWS\SysWow64\ole32.dll
2017-04-28 00:39:37    715104    ----a-w-    C:\WINDOWS\System32\drivers\vhdmp.sys
2017-04-28 00:39:22    4312248    ----a-w-    C:\WINDOWS\SysWow64\explorer.exe
2017-04-28 00:39:15    624048    ----a-w-    C:\WINDOWS\System32\drivers\cng.sys
2017-04-28 00:38:51    557408    ----a-w-    C:\WINDOWS\System32\drivers\spaceport.sys
2017-04-28 00:38:51    2446704    ----a-w-    C:\WINDOWS\System32\msxml6.dll
2017-04-28 00:38:44    1852200    ----a-w-    C:\WINDOWS\System32\crypt32.dll
2017-04-28 00:38:28    431968    ----a-w-    C:\WINDOWS\System32\drivers\rdbss.sys
2017-04-28 00:38:20    1267512    ----a-w-    C:\WINDOWS\System32\WinTypes.dll
2017-04-28 00:38:12    2915704    ----a-w-    C:\WINDOWS\System32\combase.dll
2017-04-28 00:38:08    847200    ----a-w-    C:\WINDOWS\System32\NetSetupEngine.dll
2017-04-28 00:36:34    92512    ----a-w-    C:\WINDOWS\System32\rdpudd.dll
2017-04-28 00:36:29    408600    ----a-w-    C:\WINDOWS\System32\tsmf.dll
2017-04-28 00:35:22    1414208    ----a-w-    C:\WINDOWS\SysWow64\gdi32full.dll
2017-04-28 00:35:20    276832    ----a-w-    C:\WINDOWS\SysWow64\input.dll
2017-04-28 00:35:14    8170600    ----a-w-    C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2017-04-28 00:35:06    1988048    ----a-w-    C:\WINDOWS\System32\mfmp4srcsnk.dll
2017-04-28 00:35:06    1702392    ----a-w-    C:\WINDOWS\System32\mfasfsrcsnk.dll
2017-04-28 00:35:05    1302136    ----a-w-    C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2017-04-28 00:35:03    4260576    ----a-w-    C:\WINDOWS\System32\mfcore.dll
2017-04-28 00:35:01    596040    ----a-w-    C:\WINDOWS\System32\mf.dll
2017-04-28 00:34:58    1072248    ----a-w-    C:\WINDOWS\System32\mfnetcore.dll
2017-04-28 00:34:57    443232    ----a-w-    C:\WINDOWS\System32\MMDevAPI.dll
2017-04-28 00:34:56    244824    ----a-w-    C:\WINDOWS\System32\mfps.dll
2017-04-28 00:34:45    1277824    ----a-w-    C:\WINDOWS\System32\ole32.dll
2017-04-28 00:34:25    241504    ----a-w-    C:\WINDOWS\System32\CloudExperienceHost.dll
2017-04-28 00:34:21    4674360    ----a-w-    C:\WINDOWS\explorer.exe
2017-04-28 00:34:09    1600624    ----a-w-    C:\WINDOWS\System32\sppobjs.dll
2017-04-28 00:30:17    1569184    ----a-w-    C:\WINDOWS\System32\gdi32full.dll
2017-04-28 00:30:11    322912    ----a-w-    C:\WINDOWS\System32\input.dll
2017-04-28 00:29:28    5685760    ----a-w-    C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2017-04-28 00:28:48    387864    ----a-w-    C:\WINDOWS\System32\wmpps.dll
2017-04-28 00:28:41    453536    ----a-w-    C:\WINDOWS\System32\services.exe
2017-04-28 00:28:39    455520    ----a-w-    C:\WINDOWS\System32\securekernel.exe
2017-04-28 00:23:19    95232    ----a-w-    C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
2017-04-28 00:23:10    1631232    ----a-w-    C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
2017-04-28 00:22:46    26112    ----a-w-    C:\WINDOWS\SysWow64\odbcconf.dll
2017-04-28 00:22:16    165376    ----a-w-    C:\WINDOWS\SysWow64\ReInfo.dll
2017-04-28 00:21:41    27648    ----a-w-    C:\WINDOWS\SysWow64\BthTelemetry.dll
2017-04-28 00:21:26    73728    ----a-w-    C:\WINDOWS\SysWow64\tdc.ocx
2017-04-28 00:21:14    224256    ----a-w-    C:\WINDOWS\SysWow64\ExSMime.dll
2017-04-28 00:20:50    44032    ----a-w-    C:\WINDOWS\SysWow64\virtdisk.dll
2017-04-28 00:20:47    141824    ----a-w-    C:\WINDOWS\SysWow64\Windows.Devices.Radios.dll
2017-04-28 00:19:26    584192    ----a-w-    C:\WINDOWS\SysWow64\UIRibbonRes.dll
2017-04-28 00:19:15    156672    ----a-w-    C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
2017-04-28 00:19:05    138240    ----a-w-    C:\WINDOWS\SysWow64\DisplayManager.dll
2017-04-28 00:18:43    450560    ----a-w-    C:\WINDOWS\SysWow64\rastls.dll
2017-04-28 00:18:37    255488    ----a-w-    C:\WINDOWS\SysWow64\unimdm.tsp
2017-04-28 00:18:35    285184    ----a-w-    C:\WINDOWS\SysWow64\Windows.UI.BlockedShutdown.dll
2017-04-28 00:17:57    136192    ----a-w-    C:\WINDOWS\SysWow64\WinRtTracing.dll
2017-04-28 00:17:50    94208    ----a-w-    C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
2017-04-28 00:17:36    95232    ----a-w-    C:\WINDOWS\SysWow64\BluetoothApis.dll
2017-04-28 00:17:30    328192    ----a-w-    C:\WINDOWS\SysWow64\daxexec.dll
2017-04-28 00:17:01    142336    ----a-w-    C:\WINDOWS\SysWow64\Windows.Devices.WiFi.dll
2017-04-28 00:16:36    184320    ----a-w-    C:\WINDOWS\SysWow64\UserMgrProxy.dll
2017-04-28 00:16:31    392192    ----a-w-    C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
2017-04-28 00:16:31    203776    ----a-w-    C:\WINDOWS\SysWow64\credprovhost.dll
2017-04-28 00:16:24    118272    ----a-w-    C:\WINDOWS\SysWow64\AppointmentActivation.dll
2017-04-28 00:16:23    231936    ----a-w-    C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
2017-04-28 00:16:23    113152    ----a-w-    C:\WINDOWS\SysWow64\Windows.Devices.Lights.dll
2017-04-28 00:16:16    315904    ----a-w-    C:\WINDOWS\SysWow64\Windows.Gaming.XboxLive.Storage.dll
2017-04-28 00:16:09    180224    ----a-w-    C:\WINDOWS\SysWow64\InstallAgent.exe
.
============= FINISH: 21:30:54.68 ===============

Share this post


Link to post
Share on other sites


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume2
Install Date: 4/25/2017 12:50:05 PM
System Uptime: 6/4/2017 9:17:22 PM (0 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel(R) Pentium(R) CPU B940 @ 2.00GHz | N/A | 2000/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 431.379 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1: 6/4/2017 9:12:09 PM - JRT Pre-Junkware Removal
.
==== Installed Programs ======================
.
Adobe Acrobat Reader DC
Adobe Refresh Manager
Alps Pointing-device for VAIO
CCleaner
Google Chrome
Google Update Helper
Malwarebytes version 3.0.6.1469
Microsoft Audio Enhancement Troubleshooter installer
SUPERAntiSpyware
.
==== Event Viewer Messages From Past Week ========
.
6/4/2017 9:17:58 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8D8F4F83-3594-4F07-8369-FC3C3CAE4919}  and APPID  {F72671A9-012C-4725-9D2F-2A4D32D65169}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
6/4/2017 9:16:56 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 

Share this post


Link to post
Share on other sites

I am not seeing anything in your logs, after the DDS log run one more for me !! 

Please download & run this next !

Download OldTimer to your desk top ! 
Links: http://oldtimer.geekstogo.com/OTL.com http://oldtimer.geekstogo.com/OTL.scr  
 
If you already have a copy of OTL delete it and use this version.  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator). 

* Double click OTL.exe to launch the program.
* Check the following. 

o Scan all users.
o Standard Output. o Lop check.
o Purity check. oExtra Registry > Use SafeList  

* Under Extra Registry section, select Use SafeList
* Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
* When finished it will produce two logs. 

o OTL.txt (open on your desktop).
o Extras.txt (minimised in your taskbar) The Extras.txt file will only appear the very first time you run OTL. 

* Please post me both logs. This may have to be broken into more than one post !   

 

Thanks

Chuck

Share this post


Link to post
Share on other sites

OTL logfile created on: 6/4/2017 9:39:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Canaday\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.95 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.01% Memory free
4.64 Gb Paging File | 2.90 Gb Available in Paging File | 62.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.90 Gb Total Space | 431.39 Gb Free Space | 94.83% Space Free | Partition Type: NTFS
 
Computer Name: CANADAY | User Name: Canaday | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2017/06/04 21:38:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Canaday\Downloads\OTL.com
PRC - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017/01/30 17:47:14 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2017/04/27 18:52:48 | 000,347,320 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2017/04/27 18:51:49 | 003,318,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2017/04/27 18:49:33 | 000,764,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2017/04/27 18:38:52 | 000,103,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2017/04/27 17:59:15 | 000,635,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FlightSettings.dll -- (wisvc)
SRV:64bit: - [2017/04/27 17:55:27 | 000,407,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2017/04/27 17:51:08 | 002,104,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2017/04/27 17:48:03 | 000,337,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2017/04/27 17:44:42 | 000,548,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2017/04/27 17:43:45 | 000,560,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2017/04/27 17:43:34 | 000,331,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2017/04/27 17:43:31 | 001,184,256 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2017/04/27 17:42:01 | 001,021,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2017/04/27 17:41:36 | 000,650,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2017/04/27 17:41:24 | 000,983,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2017/04/27 17:40:14 | 000,770,560 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2017/04/27 17:37:57 | 001,984,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2017/03/27 23:10:05 | 001,231,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2017/03/18 10:35:45 | 002,278,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2017/03/04 00:33:28 | 000,095,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tzautoupdate.dll -- (tzautoupdate)
SRV:64bit: - [2017/03/04 00:29:39 | 000,082,944 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2017/03/04 00:29:21 | 000,203,264 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2017/03/04 00:28:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicvss)
SRV:64bit: - [2017/03/04 00:28:56 | 000,349,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvcext.dll -- (vmicrdv)
SRV:64bit: - [2017/03/04 00:25:51 | 001,016,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2017/03/04 00:24:38 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2017/03/04 00:23:18 | 000,715,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2017/03/04 00:15:29 | 001,837,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2017/03/04 00:12:58 | 000,805,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FrameServer.dll -- (FrameServer)
SRV:64bit: - [2017/03/04 00:11:22 | 001,312,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2017/03/04 00:07:14 | 001,512,448 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2017/01/30 17:47:14 | 000,173,472 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2017/01/20 08:54:02 | 004,355,024 | ---- | M] (Malwarebytes) [On_Demand | Stopped] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2016/12/13 22:43:24 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2016/11/20 12:11:19 | 000,447,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2016/11/20 12:11:19 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2016/11/20 12:11:08 | 000,781,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PhoneService.dll -- (PhoneSvc)
SRV:64bit: - [2016/11/20 12:11:08 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RMapi.dll -- (RmSvc)
SRV:64bit: - [2016/11/20 12:11:04 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2016/11/20 12:11:04 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2016/11/20 12:10:59 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2016/11/20 12:10:59 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2016/11/20 12:10:59 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2016/11/20 12:10:59 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2016/11/20 12:10:59 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2016/11/20 12:10:59 | 000,305,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2016/11/20 12:10:57 | 000,023,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2016/11/11 03:20:50 | 000,339,456 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\cdpusersvc.dll -- (CDPUserSvc)
SRV:64bit: - [2016/11/11 03:19:59 | 000,411,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2016/11/11 03:19:35 | 000,285,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2016/11/11 03:05:32 | 004,136,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2016/11/11 03:04:16 | 000,691,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2016/07/16 05:43:50 | 000,082,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2016/07/16 05:43:47 | 000,436,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2016/07/16 05:43:18 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2016/07/16 05:42:42 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2016/07/16 05:42:39 | 000,161,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll -- (shpamsvc)
SRV:64bit: - [2016/07/16 05:42:38 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2016/07/16 05:42:38 | 000,055,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2016/07/16 05:42:36 | 000,183,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2016/07/16 05:42:27 | 000,827,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2016/07/16 05:42:27 | 000,096,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2016/07/16 05:42:27 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (WpnUserService_293c5)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_293c5)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_293c5)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_293c5)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_293c5)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svchost.exe -- (MessagingService_293c5)
SRV:64bit: - [2016/07/16 05:42:27 | 000,044,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\svchost.exe -- (CDPUserSvc_293c5)
SRV:64bit: - [2016/07/16 05:42:23 | 000,366,592 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2016/07/16 05:42:20 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2016/07/16 05:42:16 | 000,287,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TieringEngineService.exe -- (TieringEngineService)
SRV:64bit: - [2016/07/16 05:42:16 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2016/07/16 05:42:16 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2016/07/16 05:42:13 | 000,590,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2016/07/16 05:42:12 | 000,519,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2016/07/16 05:42:12 | 000,052,224 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\MessagingService.dll -- (MessagingService)
SRV:64bit: - [2016/07/16 05:42:09 | 000,574,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2016/07/16 05:42:09 | 000,387,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2016/07/16 05:42:09 | 000,358,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2016/07/16 05:42:09 | 000,339,968 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2016/07/16 05:42:09 | 000,234,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2016/07/16 05:42:09 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2016/07/16 05:42:09 | 000,177,664 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBrokerSvc)
SRV:64bit: - [2016/07/16 05:42:09 | 000,074,240 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\WpnUserService.dll -- (WpnUserService)
SRV:64bit: - [2016/07/16 05:42:09 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2016/07/16 05:42:09 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2016/07/16 05:42:07 | 001,159,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2016/07/16 05:42:06 | 000,729,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2016/07/16 05:42:06 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2016/07/16 05:42:05 | 000,197,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2016/07/16 05:42:05 | 000,152,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2016/07/16 05:42:05 | 000,140,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2016/07/16 05:42:04 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\hvhostsvc.dll -- (HvHost)
SRV:64bit: - [2016/07/16 05:41:50 | 000,321,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV - [2017/04/27 18:51:49 | 003,318,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2017/04/27 18:13:28 | 000,298,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2017/04/27 17:30:59 | 000,483,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2017/04/25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017/03/09 01:16:16 | 000,300,128 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2017/03/04 00:16:20 | 000,968,704 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2016/11/20 12:10:57 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2016/11/11 01:05:12 | 003,370,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2017/05/18 22:17:28 | 000,131,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2017/04/27 18:55:36 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\scmbus.sys -- (scmbus)
DRV:64bit: - [2017/04/27 18:38:51 | 000,557,408 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2017/04/27 18:01:40 | 000,114,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2017/03/27 23:37:09 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2017/03/27 23:36:52 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2017/03/09 01:16:12 | 005,382,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2017/03/04 01:24:27 | 000,108,384 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2017/03/04 01:15:25 | 000,063,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2017/03/04 01:08:59 | 000,130,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2017/03/04 00:34:51 | 000,258,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2017/03/04 00:27:56 | 000,719,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2016/12/09 04:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2016/11/20 12:27:09 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2016/11/20 12:11:06 | 000,227,328 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2016/11/20 12:11:01 | 000,119,648 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcifs.sys -- (wcifs)
DRV:64bit: - [2016/11/20 12:11:01 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hvservice.sys -- (hvservice)
DRV:64bit: - [2016/11/20 12:10:57 | 000,279,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2016/11/20 12:10:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2016/11/20 12:10:57 | 000,118,112 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2016/11/20 12:10:57 | 000,081,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2016/11/20 12:10:57 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2016/11/20 12:10:57 | 000,064,352 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2016/11/20 12:10:57 | 000,048,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iorate.sys -- (iorate)
DRV:64bit: - [2016/11/20 12:10:57 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2016/11/20 12:10:22 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2016/11/20 12:05:05 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2016/11/11 04:00:25 | 000,219,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2016/07/16 05:44:01 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2016/07/16 05:43:06 | 000,123,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2016/07/16 05:43:04 | 000,290,144 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2016/07/16 05:43:04 | 000,044,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2016/07/16 05:42:38 | 000,125,440 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2016/07/16 05:42:36 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2016/07/16 05:42:36 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2016/07/16 05:42:36 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\applockerfltr.sys -- (applockerfltr)
DRV:64bit: - [2016/07/16 05:42:35 | 000,928,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2016/07/16 05:42:28 | 000,107,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2016/07/16 05:42:28 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2016/07/16 05:42:27 | 000,263,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2016/07/16 05:42:27 | 000,201,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2016/07/16 05:42:27 | 000,151,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2016/07/16 05:42:27 | 000,108,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys -- (UcmTcpciCx0101)
DRV:64bit: - [2016/07/16 05:42:27 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2016/07/16 05:42:27 | 000,079,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2016/07/16 05:42:27 | 000,078,336 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2016/07/16 05:42:27 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2016/07/16 05:42:27 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2016/07/16 05:42:27 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2016/07/16 05:42:27 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IndirectKmd.sys -- (IndirectKmd)
DRV:64bit: - [2016/07/16 05:42:27 | 000,031,584 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2016/07/16 05:42:27 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2016/07/16 05:42:23 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2016/07/16 05:42:22 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2016/07/16 05:42:18 | 000,088,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2016/07/16 05:42:12 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2016/07/16 05:42:11 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2016/07/16 05:42:09 | 000,168,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2016/07/16 05:42:09 | 000,156,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2016/07/16 05:42:09 | 000,070,144 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\registry.sys -- (clreg)
DRV:64bit: - [2016/07/16 05:42:09 | 000,066,560 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\wcnfs.sys -- (wcnfs)
DRV:64bit: - [2016/07/16 05:42:03 | 000,210,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2016/07/16 05:42:03 | 000,126,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2016/07/16 05:42:03 | 000,090,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NetAdapterCx.sys -- (NetAdapterCx)
DRV:64bit: - [2016/07/16 05:42:03 | 000,088,576 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2016/07/16 05:42:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (tsusbflt)
DRV:64bit: - [2016/07/16 05:42:03 | 000,045,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2016/07/16 05:42:03 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2016/07/16 05:41:55 | 000,535,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2016/07/16 05:41:55 | 000,381,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2016/07/16 05:41:55 | 000,137,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2016/07/16 05:41:55 | 000,096,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2016/07/16 05:41:55 | 000,095,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2016/07/16 05:41:55 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2016/07/16 05:41:55 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2016/07/16 05:41:55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2016/07/16 05:41:55 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2016/07/16 05:41:55 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2016/07/16 05:41:54 | 000,176,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys -- (iaLPSS2i_I2C)
DRV:64bit: - [2016/07/16 05:41:54 | 000,081,408 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iai2c.sys -- (iai2c)
DRV:64bit: - [2016/07/16 05:41:54 | 000,064,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys -- (iaLPSS2i_GPIO2)
DRV:64bit: - [2016/07/16 05:41:54 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2016/07/16 05:41:54 | 000,050,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2016/07/16 05:41:54 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2016/07/16 05:41:54 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2016/07/16 05:41:54 | 000,034,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2016/07/16 05:41:54 | 000,033,280 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iagpio.sys -- (iagpio)
DRV:64bit: - [2016/07/16 05:41:54 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2016/07/16 05:41:54 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2016/07/16 05:41:53 | 002,104,160 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4vx64.sys -- (cht4vbd)
DRV:64bit: - [2016/07/16 05:41:53 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2016/07/16 05:41:53 | 000,842,584 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2016/07/16 05:41:53 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2016/07/16 05:41:53 | 000,589,824 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rt640x64.sys -- (rt640x64)
DRV:64bit: - [2016/07/16 05:41:53 | 000,526,176 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2016/07/16 05:41:53 | 000,346,976 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2016/07/16 05:41:53 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2016/07/16 05:41:53 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2016/07/16 05:41:53 | 000,123,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scmdisk0101.sys -- (scmdisk0101)
DRV:64bit: - [2016/07/16 05:41:53 | 000,108,896 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2016/07/16 05:41:53 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2016/07/16 05:41:53 | 000,105,824 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2016/07/16 05:41:53 | 000,101,216 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2016/07/16 05:41:53 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2016/07/16 05:41:53 | 000,082,776 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2016/07/16 05:41:53 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2016/07/16 05:41:53 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2016/07/16 05:41:53 | 000,064,864 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2016/07/16 05:41:53 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2016/07/16 05:41:53 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2016/07/16 05:41:53 | 000,061,792 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2016/07/16 05:41:53 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2016/07/16 05:41:53 | 000,032,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2016/07/16 05:41:53 | 000,032,096 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2016/07/16 05:41:53 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2016/07/16 05:41:53 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2016/07/16 05:41:53 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2016/07/16 05:41:53 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2016/07/16 05:41:53 | 000,016,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volume.sys -- (volume)
DRV:64bit: - [2016/07/16 05:41:53 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2016/07/16 05:41:53 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2016/07/16 05:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2016/07/16 05:41:53 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn.sys -- (bcmfn)
DRV:64bit: - [2016/07/16 05:41:52 | 003,418,976 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2016/07/16 05:41:52 | 000,533,856 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2016/07/16 05:41:52 | 000,048,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2016/07/16 05:41:52 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2016/07/16 05:41:50 | 004,233,728 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwnx.sys -- (athr)
DRV:64bit: - [2016/07/16 05:41:50 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2016/07/16 05:41:50 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2016/07/16 05:41:50 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2016/07/16 05:41:50 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2016/07/16 05:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2016/07/16 05:41:50 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2016/07/16 05:41:50 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2016/07/16 05:41:50 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2016/07/16 05:41:50 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2016/07/16 05:41:50 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2016/07/16 05:41:50 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgid.sys -- (vmgid)
DRV:64bit: - [2015/10/16 06:20:52 | 000,384,760 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/09/20 09:23:40 | 000,317,776 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/03/29 03:00:53 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/02/22 09:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/04/26 14:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV - [2016/07/16 05:41:50 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
 
O1 HOSTS File: ([2017/04/25 09:55:38 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [WindowsDefender] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ffd20f85-3c28-477f-b084-b00bdbf25c13}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2017/06/04 21:08:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/05/18 22:17:28 | 000,131,984 | ---- | C] (Samsung Electronics Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ssudbus.sys
[2017/05/10 16:25:00 | 000,835,576 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2017/05/10 16:25:00 | 000,177,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2017/05/10 15:23:51 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2017/05/10 15:23:51 | 000,965,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2017/05/10 15:23:51 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WebcamUi.dll
[2017/05/10 15:23:51 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\unimdm.tsp
[2017/05/10 15:23:51 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReInfo.dll
[2017/05/10 15:23:50 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\input.dll
[2017/05/10 15:23:49 | 007,468,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2017/05/10 15:23:49 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
[2017/05/10 15:23:49 | 000,361,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsmf.dll
[2017/05/10 15:23:49 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SyncSettings.dll
[2017/05/10 15:23:45 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mprddm.dll
[2017/05/10 15:23:45 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastlsext.dll
[2017/05/10 15:23:38 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2017/05/10 15:23:38 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2017/05/10 15:23:37 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2017/05/10 15:23:34 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2017/05/10 15:23:34 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2017/05/10 15:23:33 | 005,685,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
[2017/05/10 15:23:31 | 001,413,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\OpcServices.dll
[2017/05/10 15:23:31 | 000,709,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2017/05/10 15:23:27 | 001,987,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2017/05/10 15:23:27 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2017/05/10 15:23:27 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adsnt.dll
[2017/05/10 15:23:26 | 001,656,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Perception.dll
[2017/05/10 15:23:26 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.FaceAnalysis.dll
[2017/05/10 15:23:26 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Speech.dll
[2017/05/10 15:23:26 | 000,747,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Ocr.dll
[2017/05/10 15:23:26 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.Input.dll
[2017/05/10 15:23:26 | 000,315,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Gaming.XboxLive.Storage.dll
[2017/05/10 15:23:26 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2017/05/10 15:23:26 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinRtTracing.dll
[2017/05/10 15:23:26 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2017/05/10 15:23:25 | 006,665,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017/05/10 15:23:25 | 000,819,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppContracts.dll
[2017/05/10 15:23:25 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.dll
[2017/05/10 15:23:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Core.dll
[2017/05/10 15:23:23 | 003,520,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsrchvw.exe
[2017/05/10 15:23:22 | 002,749,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2017/05/10 15:23:22 | 002,646,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertEnroll.dll
[2017/05/10 15:23:22 | 001,323,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_fs.dll
[2017/05/10 15:23:22 | 001,137,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2017/05/10 15:23:22 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_sr.dll
[2017/05/10 15:23:21 | 002,994,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2017/05/10 15:23:21 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.Http.dll
[2017/05/10 15:23:21 | 000,781,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2017/05/10 15:23:21 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.dll
[2017/05/10 15:23:21 | 000,598,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Web.dll
[2017/05/10 15:23:19 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Wallet.dll
[2017/05/10 15:23:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WwaApi.dll
[2017/05/10 15:23:16 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2017/05/10 15:23:16 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2017/05/10 15:23:16 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2017/05/10 15:23:16 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2017/05/10 15:23:16 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll
[2017/05/10 15:23:16 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\virtdisk.dll
[2017/05/10 15:23:15 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Maps.dll
[2017/05/10 15:23:15 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Phone.dll
[2017/05/10 15:23:15 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIRibbonRes.dll
[2017/05/10 15:23:15 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2017/05/10 15:23:15 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2017/05/10 15:23:15 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\updatepolicy.dll
[2017/05/10 15:23:14 | 000,857,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EmailApis.dll
[2017/05/10 15:23:14 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataAccountApis.dll
[2017/05/10 15:23:14 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.BlockedShutdown.dll
[2017/05/10 15:23:14 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExSMime.dll
[2017/05/10 15:23:14 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppointmentActivation.dll
[2017/05/10 15:23:14 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
[2017/05/10 15:23:13 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2017/05/10 15:23:13 | 000,827,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.appcore.dll
[2017/05/10 15:23:12 | 000,975,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.appcore.dll
[2017/05/10 15:23:11 | 003,106,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstsc.exe
[2017/05/10 15:23:10 | 002,747,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2017/05/10 15:23:10 | 001,431,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2017/05/10 15:23:10 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2017/05/10 15:23:10 | 000,783,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TSWorkspace.dll
[2017/05/10 15:23:09 | 002,154,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2017/05/10 15:23:06 | 000,589,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Sensors.dll
[2017/05/10 15:23:06 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Web.Core.dll
[2017/05/10 15:23:06 | 000,493,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2017/05/10 15:23:06 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\vaultcli.dll
[2017/05/10 15:23:05 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2017/05/10 15:23:05 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TokenBroker.dll
[2017/05/10 15:23:05 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2017/05/10 15:23:04 | 006,042,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2017/05/10 15:23:04 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2017/05/10 15:23:04 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2017/05/10 15:23:04 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.Identity.Provider.dll
[2017/05/10 15:23:03 | 004,614,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2017/05/10 15:23:03 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTMediaFrame.dll
[2017/05/10 15:23:02 | 001,077,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Editing.dll
[2017/05/10 15:23:01 | 001,534,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.3D.dll
[2017/05/10 15:23:00 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wpnapps.dll
[2017/05/10 15:23:00 | 000,525,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2017/05/10 15:23:00 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.dll
[2017/05/10 15:23:00 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2017/05/10 15:23:00 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToDevice.dll
[2017/05/10 15:23:00 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToReceiver.dll
[2017/05/10 15:22:59 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WpcWebFilter.dll
[2017/05/10 15:22:59 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2017/05/10 15:22:59 | 000,368,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2017/05/10 15:22:58 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AuthBroker.dll
[2017/05/10 15:22:56 | 000,675,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2017/05/10 15:22:56 | 000,601,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupEngine.dll
[2017/05/10 15:22:53 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2017/05/10 15:22:52 | 000,795,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MiracastReceiver.dll
[2017/05/10 15:22:52 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SensorsApi.dll
[2017/05/10 15:22:52 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2017/05/10 15:22:51 | 001,360,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetsrc.dll
[2017/05/10 15:22:51 | 001,202,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2017/05/10 15:22:51 | 000,981,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfnetcore.dll
[2017/05/10 15:22:50 | 004,023,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2017/05/10 15:22:50 | 001,851,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2017/05/10 15:22:49 | 012,349,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2017/05/10 15:22:49 | 001,277,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2017/05/10 15:22:48 | 001,221,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2017/05/10 15:22:48 | 000,895,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2017/05/10 15:22:48 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MCRecvSrc.dll
[2017/05/10 15:22:48 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Devices.dll
[2017/05/10 15:22:48 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\odbcconf.dll
[2017/05/10 15:22:46 | 005,722,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2017/05/10 15:22:46 | 000,654,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
[2017/05/10 15:22:46 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2017/05/10 15:22:45 | 003,307,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2017/05/10 15:22:45 | 000,525,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2017/05/10 15:22:45 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AboveLockAppHost.dll
[2017/05/10 15:22:42 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Bluetooth.dll
[2017/05/10 15:22:41 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\imapi2.dll
[2017/05/10 15:22:39 | 018,365,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2017/05/10 15:22:39 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2017/05/10 15:22:39 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2017/05/10 15:22:39 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2017/05/10 15:22:33 | 004,312,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2017/05/10 15:22:33 | 001,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2017/05/10 15:22:33 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2017/05/10 15:22:33 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\uReFS.dll
[2017/05/10 15:22:33 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Geolocation.dll
[2017/05/10 15:22:33 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Energy.dll
[2017/05/10 15:22:32 | 003,733,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
[2017/05/10 15:22:32 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2017/05/10 15:22:32 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2017/05/10 15:22:32 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2017/05/10 15:22:31 | 013,873,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2017/05/10 15:22:30 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFiDirect.dll
[2017/05/10 15:22:30 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.LowLevel.dll
[2017/05/10 15:22:30 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Midi.dll
[2017/05/10 15:22:30 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Usb.dll
[2017/05/10 15:22:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.WiFi.dll
[2017/05/10 15:22:30 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Radios.dll
[2017/05/10 15:22:30 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dialclient.dll
[2017/05/10 15:22:29 | 001,993,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2017/05/10 15:22:29 | 001,755,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll
[2017/05/10 15:22:29 | 000,901,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2017/05/10 15:22:29 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.PointOfService.dll
[2017/05/10 15:22:29 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.SmartCards.dll
[2017/05/10 15:22:29 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Enumeration.dll
[2017/05/10 15:22:29 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2017/05/10 15:22:29 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.HumanInterfaceDevice.dll
[2017/05/10 15:22:29 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Lights.dll
[2017/05/10 15:22:28 | 002,168,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2017/05/10 15:22:28 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2017/05/10 15:22:28 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CryptoWinRT.dll
[2017/05/10 15:22:28 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\credprovhost.dll
[2017/05/10 15:22:27 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2017/05/10 15:22:27 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bthprops.cpl
[2017/05/10 15:22:27 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2017/05/10 15:22:27 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CameraCaptureUI.dll
[2017/05/10 15:22:27 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BthTelemetry.dll
[2017/05/10 15:22:26 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.AccountsControl.dll
[2017/05/10 15:22:26 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.AllJoyn.dll
[2017/05/10 15:22:25 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2017/05/10 15:22:25 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2017/05/10 15:22:25 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2017/05/10 15:22:25 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\deviceaccess.dll
[2017/05/10 15:22:25 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dlnashext.dll
[2017/05/10 15:22:25 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2017/05/10 15:22:25 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserMgrProxy.dll
[2017/05/10 15:22:24 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ErrorDetails.dll
[2017/05/10 15:22:24 | 000,116,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudExperienceHostCommon.dll
[2017/05/10 15:22:24 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll
[2017/05/10 15:15:03 | 002,538,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2017/05/10 15:15:03 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StructuredQuery.dll
[2017/05/10 15:15:03 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2017/05/10 15:15:03 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2017/05/10 15:15:03 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2017/05/10 15:15:03 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netvsc.sys
[2017/05/10 15:15:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2017/05/10 15:15:02 | 002,424,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Perception.dll
[2017/05/10 15:15:02 | 002,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2017/05/10 15:15:02 | 001,643,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Speech.dll
[2017/05/10 15:15:02 | 001,507,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.FaceAnalysis.dll
[2017/05/10 15:15:02 | 001,080,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Ocr.dll
[2017/05/10 15:15:02 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.Input.dll
[2017/05/10 15:15:02 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Gaming.XboxLive.Storage.dll
[2017/05/10 15:15:02 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinRtTracing.dll
[2017/05/10 15:15:01 | 000,358,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.dll
[2017/05/10 15:15:01 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Core.dll
[2017/05/10 15:15:00 | 001,060,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppContracts.dll
[2017/05/10 15:14:59 | 000,088,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\scmbus.sys
[2017/05/10 15:14:32 | 008,170,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2017/05/10 15:14:21 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GamePanel.exe
[2017/05/10 15:14:20 | 004,596,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsrchvw.exe
[2017/05/10 15:14:20 | 002,914,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CertEnroll.dll
[2017/05/10 15:14:18 | 003,290,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2017/05/10 15:14:18 | 001,584,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2017/05/10 15:14:18 | 000,946,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_sr.dll
[2017/05/10 15:14:17 | 001,913,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2017/05/10 15:14:16 | 001,117,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2017/05/10 15:14:16 | 000,410,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2017/05/10 15:14:16 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2017/05/10 15:14:15 | 003,613,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2017/05/10 15:14:15 | 001,738,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2017/05/10 15:14:15 | 001,513,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2017/05/10 15:14:15 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.Http.dll
[2017/05/10 15:14:15 | 000,963,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WebcamUi.dll
[2017/05/10 15:14:15 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.dll
[2017/05/10 15:14:15 | 000,774,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Web.dll
[2017/05/10 15:14:15 | 000,699,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimgapi.dll
[2017/05/10 15:14:15 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2017/05/10 15:14:15 | 000,526,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wimserv.exe
[2017/05/10 15:14:14 | 000,857,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2017/05/10 15:14:14 | 000,561,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Wallet.dll
[2017/05/10 15:14:14 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WwaApi.dll
[2017/05/10 15:14:12 | 001,266,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2017/05/10 15:14:12 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2017/05/10 15:14:12 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2017/05/10 15:14:12 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2017/05/10 15:14:12 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Scanners.dll
[2017/05/10 15:14:12 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2017/05/10 15:14:11 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2017/05/10 15:14:11 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\unimdm.tsp
[2017/05/10 15:14:11 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2017/05/10 15:14:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.Ngc.dll
[2017/05/10 15:14:11 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatepolicy.dll
[2017/05/10 15:14:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\virtdisk.dll
[2017/05/10 15:14:10 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Maps.dll
[2017/05/10 15:14:10 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Cred.dll
[2017/05/10 15:14:10 | 001,369,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Phone.dll
[2017/05/10 15:14:10 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIRibbonRes.dll
[2017/05/10 15:14:08 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocore.dll
[2017/05/10 15:14:08 | 000,418,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.BlockedShutdown.dll
[2017/05/10 15:14:08 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\updatehandlers.dll
[2017/05/10 15:14:08 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MusNotification.exe
[2017/05/10 15:14:06 | 001,984,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2017/05/10 15:14:06 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Unistore.dll
[2017/05/10 15:14:06 | 001,145,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EmailApis.dll
[2017/05/10 15:14:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDataTimeUtil.dll
[2017/05/10 15:14:05 | 009,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2017/05/10 15:14:05 | 001,157,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.appcore.dll
[2017/05/10 15:14:05 | 000,971,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.appcore.dll
[2017/05/10 15:14:05 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\thumbcache.dll
[2017/05/10 15:14:04 | 008,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2017/05/10 15:14:04 | 000,360,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2017/05/10 15:14:04 | 000,322,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\input.dll
[2017/05/10 15:14:03 | 003,299,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstsc.exe
[2017/05/10 15:14:03 | 000,999,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TSWorkspace.dll
[2017/05/10 15:14:03 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpclip.exe
[2017/05/10 15:14:02 | 003,134,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2017/05/10 15:14:02 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ResetEngine.dll
[2017/05/10 15:14:02 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wksprt.exe
[2017/05/10 15:14:02 | 000,408,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsmf.dll
[2017/05/10 15:14:01 | 002,861,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2017/05/10 15:14:01 | 001,860,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2017/05/10 15:14:01 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2017/05/10 15:14:01 | 000,311,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncSettings.dll
[2017/05/10 15:14:00 | 002,390,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\smartscreen.exe
[2017/05/10 15:14:00 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shutdownux.dll
[2017/05/10 15:13:59 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SharedStartModel.dll
[2017/05/10 15:13:59 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Family.Client.dll
[2017/05/10 15:13:58 | 001,908,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AzureSettingSyncProvider.dll
[2017/05/10 15:13:58 | 000,983,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2017/05/10 15:13:58 | 000,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TokenBroker.dll
[2017/05/10 15:13:58 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Web.Core.dll
[2017/05/10 15:13:58 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Sensors.dll
[2017/05/10 15:13:58 | 000,578,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2017/05/10 15:13:58 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2017/05/10 15:13:58 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vaultcli.dll
[2017/05/10 15:13:57 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2017/05/10 15:13:57 | 000,591,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2017/05/10 15:13:56 | 004,744,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2017/05/10 15:13:54 | 008,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2017/05/10 15:13:54 | 001,600,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2017/05/10 15:13:52 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2017/05/10 15:13:52 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2017/05/10 15:13:50 | 004,749,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2017/05/10 15:13:50 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceControl.dll
[2017/05/10 15:13:50 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OneBackupHandler.dll
[2017/05/10 15:13:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_ClosedCaptioning.dll
[2017/05/10 15:13:50 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spaceman.exe
[2017/05/10 15:13:47 | 000,796,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvewiz.dll
[2017/05/10 15:13:47 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fvecpl.dll
[2017/05/10 15:13:46 | 000,501,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwizeng.dll
[2017/05/10 15:13:46 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeveloperOptionsSettingsHandlers.dll
[2017/05/10 15:13:44 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2017/05/10 15:13:44 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Family.SyncEngine.dll
[2017/05/10 15:13:43 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettings.Handlers.dll
[2017/05/10 15:13:41 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2017/05/10 15:13:40 | 000,453,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2017/05/10 15:13:40 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.Identity.Provider.dll
[2017/05/10 15:13:40 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpaceAgent.exe
[2017/05/10 15:13:38 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2017/05/10 15:13:37 | 006,288,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2017/05/10 15:13:37 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTMediaFrame.dll
[2017/05/10 15:13:37 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.RetailInfo.dll
[2017/05/10 15:13:36 | 001,476,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2017/05/10 15:13:36 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastlsext.dll
[2017/05/10 15:13:35 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mprddm.dll
[2017/05/10 15:13:35 | 000,092,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2017/05/10 15:13:34 | 004,149,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2017/05/10 15:13:34 | 001,403,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Editing.dll
[2017/05/10 15:13:33 | 002,208,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.3D.dll
[2017/05/10 15:13:33 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2017/05/10 15:13:33 | 000,611,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.Printing.dll
[2017/05/10 15:13:33 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2017/05/10 15:13:33 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs3D.dll
[2017/05/10 15:13:33 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintWSDAHost.dll
[2017/05/10 15:13:32 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2017/05/10 15:13:32 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2017/05/10 15:13:32 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToDevice.dll
[2017/05/10 15:13:32 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToReceiver.dll
[2017/05/10 15:13:31 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnapps.dll
[2017/05/10 15:13:29 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2017/05/10 15:13:29 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2017/05/10 15:13:28 | 000,945,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcWebFilter.dll
[2017/05/10 15:13:28 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2017/05/10 15:13:27 | 007,784,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2017/05/10 15:13:26 | 000,774,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2017/05/10 15:13:26 | 000,502,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2017/05/10 15:13:26 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleacc.dll
[2017/05/10 15:13:26 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthBroker.dll
[2017/05/10 15:13:25 | 000,913,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2017/05/10 15:13:25 | 000,847,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupEngine.dll
[2017/05/10 15:13:23 | 001,040,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NaturalLanguage6.dll
[2017/05/10 15:13:23 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.UX.EapRequestHandler.dll
[2017/05/10 15:13:19 | 000,924,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2017/05/10 15:13:18 | 000,443,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2017/05/10 15:13:18 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SensorsApi.dll
[2017/05/10 15:13:18 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2017/05/10 15:13:17 | 001,302,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2017/05/10 15:13:17 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MiracastReceiver.dll
[2017/05/10 15:13:17 | 001,072,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfnetcore.dll
[2017/05/10 15:13:16 | 004,260,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2017/05/10 15:13:16 | 001,988,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2017/05/10 15:13:16 | 001,702,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2017/05/10 15:13:16 | 000,387,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpps.dll
[2017/05/10 15:13:16 | 000,244,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2017/05/10 15:13:15 | 013,441,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2017/05/10 15:13:15 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2017/05/10 15:13:15 | 001,078,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2017/05/10 15:13:15 | 000,937,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MCRecvSrc.dll
[2017/05/10 15:13:15 | 000,596,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2017/05/10 15:13:15 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Devices.dll
[2017/05/10 15:13:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\odbcconf.dll
[2017/05/10 15:13:12 | 007,220,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2017/05/10 15:13:11 | 003,778,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2017/05/10 15:13:11 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeApiPublic.dll
[2017/05/10 15:13:11 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2017/05/10 15:13:09 | 001,490,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2017/05/10 15:13:09 | 000,402,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2017/05/10 15:13:09 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AboveLockAppHost.dll
[2017/05/10 15:13:07 | 000,735,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2017/05/10 15:13:04 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2017/05/10 15:13:04 | 000,700,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2017/05/10 15:13:03 | 003,059,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2017/05/10 15:13:03 | 000,794,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Shell.Broker.dll
[2017/05/10 15:13:03 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Bluetooth.dll
[2017/05/10 15:13:02 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imapi2.dll
[2017/05/10 15:12:59 | 000,691,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2017/05/10 15:12:59 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2017/05/10 15:12:59 | 000,223,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2017/05/10 15:12:58 | 022,569,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2017/05/10 15:12:58 | 001,637,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2017/05/10 15:12:58 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2017/05/10 15:12:58 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2017/05/10 15:12:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2017/05/10 15:12:58 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2017/05/10 15:12:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2017/05/10 15:12:51 | 002,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2017/05/10 15:12:43 | 001,790,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationFramework.dll
[2017/05/10 15:12:43 | 001,586,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2017/05/10 15:12:43 | 001,569,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2017/05/10 15:12:43 | 000,467,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Geolocation.dll
[2017/05/10 15:12:42 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FlightSettings.dll
[2017/05/10 15:12:40 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2017/05/10 15:12:37 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uReFS.dll
[2017/05/10 15:12:36 | 004,674,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2017/05/10 15:12:35 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpAXHolder.dll
[2017/05/10 15:12:35 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Energy.dll
[2017/05/10 15:12:34 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2017/05/10 15:12:34 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2017/05/10 15:12:33 | 004,474,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DCompiler_47.dll
[2017/05/10 15:12:33 | 002,478,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2017/05/10 15:12:33 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2017/05/10 15:12:32 | 017,198,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2017/05/10 15:12:31 | 001,275,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2017/05/10 15:12:31 | 000,568,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.LowLevel.dll
[2017/05/10 15:12:31 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFiDirect.dll
[2017/05/10 15:12:31 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Midi.dll
[2017/05/10 15:12:31 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Enumeration.dll
[2017/05/10 15:12:31 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Usb.dll
[2017/05/10 15:12:31 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicesFlowBroker.dll
[2017/05/10 15:12:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.WiFi.dll
[2017/05/10 15:12:31 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialclient.dll
[2017/05/10 15:12:31 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Radios.dll
[2017/05/10 15:12:31 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Lights.dll
[2017/05/10 15:12:31 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Printers.dll
[2017/05/10 15:12:30 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll
[2017/05/10 15:12:30 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2017/05/10 15:12:30 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConsentUX.dll
[2017/05/10 15:12:29 | 007,216,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Data.Pdf.dll
[2017/05/10 15:12:29 | 005,611,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2017/05/10 15:12:29 | 002,286,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2017/05/10 15:12:29 | 000,949,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.PointOfService.dll
[2017/05/10 15:12:29 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.HumanInterfaceDevice.dll
[2017/05/10 15:12:28 | 001,010,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2017/05/10 15:12:27 | 000,912,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.SmartCards.dll
[2017/05/10 15:12:27 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2017/05/10 15:12:26 | 001,852,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2017/05/10 15:12:26 | 000,886,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2017/05/10 15:12:26 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptui.dll
[2017/05/10 15:12:26 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2017/05/10 15:12:26 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ConhostV2.dll
[2017/05/10 15:12:26 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\credprovhost.dll
[2017/05/10 15:12:25 | 002,216,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\OpcServices.dll
[2017/05/10 15:12:25 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2017/05/10 15:12:24 | 002,915,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2017/05/10 15:12:24 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2017/05/10 15:12:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\catsrvps.dll
[2017/05/10 15:12:23 | 001,277,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2017/05/10 15:12:23 | 000,241,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2017/05/10 15:12:22 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CameraCaptureUI.dll
[2017/05/10 15:12:21 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dafBth.dll
[2017/05/10 15:12:20 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2017/05/10 15:12:17 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CellularAPI.dll
[2017/05/10 15:12:16 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BthTelemetry.dll
[2017/05/10 15:12:12 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bthprops.cpl
[2017/05/10 15:12:12 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2017/05/10 15:12:12 | 000,026,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browser_broker.exe
[2017/05/10 15:12:11 | 000,770,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2017/05/10 15:12:06 | 001,692,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2017/05/10 15:12:06 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2017/05/10 15:12:06 | 000,379,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2017/05/10 15:12:06 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2017/05/10 15:12:06 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2017/05/10 15:12:05 | 000,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.AllJoyn.dll
[2017/05/10 15:12:05 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.AppDefaults.dll
[2017/05/10 15:12:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appidcertstorecheck.exe
[2017/05/10 15:12:04 | 000,896,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.AccountsControl.dll
[2017/05/10 15:12:03 | 000,881,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2017/05/10 15:12:02 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2017/05/10 15:12:00 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adsnt.dll
[2017/05/10 15:11:59 | 001,021,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usermgr.dll
[2017/05/10 15:11:59 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2017/05/10 15:11:59 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2017/05/10 15:11:59 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceaccess.dll
[2017/05/10 15:11:59 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserMgrProxy.dll
[2017/05/10 15:11:58 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2017/05/10 15:11:58 | 000,455,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2017/05/10 15:11:58 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dlnashext.dll
[2017/05/10 15:11:58 | 000,146,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHostCommon.dll
[2017/05/10 15:11:58 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll
[2017/05/10 15:11:52 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ErrorDetails.dll
[2017/05/10 15:11:22 | 000,557,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[8 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[12 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2017/06/04 21:24:53 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017/06/04 21:19:44 | 000,251,832 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017/06/04 21:19:41 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/06/04 21:17:40 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017/06/04 21:17:36 | 1696,112,640 | -HS- | M] () -- C:\hiberfil.sys
[2017/06/03 16:35:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2017/05/18 22:17:28 | 000,131,984 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\WINDOWS\SysNative\drivers\ssudbus.sys
[2017/05/15 16:31:34 | 000,002,260 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017/05/10 16:28:21 | 000,938,764 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017/05/10 16:28:21 | 000,789,322 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017/05/10 16:28:21 | 000,152,820 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017/05/10 16:23:30 | 000,194,192 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017/05/09 21:16:28 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManMigrationPlugin.dll
[8 C:\WINDOWS\SysNative\drivers\*.tmp files -> C:\WINDOWS\SysNative\drivers\*.tmp -> ]
[12 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2017/06/03 16:35:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2017/05/10 15:23:00 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2017/05/10 15:22:28 | 002,048,488 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2017/05/10 15:13:32 | 000,418,304 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Perception.Stub.dll
[2017/05/10 15:12:26 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2017/04/25 16:57:36 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2017/03/09 01:16:12 | 000,099,464 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2016/11/20 12:37:46 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016/07/16 05:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016/07/16 05:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016/07/16 05:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016/07/16 05:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016/07/16 05:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016/07/16 05:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016/07/16 05:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016/07/16 05:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016/07/16 05:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016/05/19 10:41:38 | 000,963,452 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2016/05/19 10:41:38 | 000,272,928 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017/04/27 18:40:18 | 007,220,184 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017/04/27 18:46:03 | 005,722,320 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016/07/16 05:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016/07/16 05:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016/07/16 05:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

Share this post


Link to post
Share on other sites

OTL Extras logfile created on: 6/4/2017 9:39:40 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Canaday\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.95 Gb Total Physical Memory | 2.25 Gb Available Physical Memory | 57.01% Memory free
4.64 Gb Paging File | 2.90 Gb Available in Paging File | 62.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.90 Gb Total Space | 431.39 Gb Free Space | 94.83% Space Free | Partition Type: NTFS
 
Computer Name: CANADAY | User Name: Canaday | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = C1 76 74 78 5D 43 D2 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{EFF1FADA-74DA-406F-8F09-2CB7AB6B6186}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016F8A69-528E-4172-93E5-7AEB7AF985A2}" = dir=out | name=onenote | 
"{08E0644C-C4C0-4B3A-977C-E71A23F0A431}" = dir=out | [email protected]{microsoft.people_10.2.831.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} | 
"{131BF584-06BF-4864-A9D0-F9024F3BCDA4}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{19AECCB5-4B64-47BD-A659-88B7D9BE126A}" = dir=out | [email protected]{microsoft.windows.shellexperiencehost_10.0.14393.447_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{1DFD39F7-7A64-4FCD-B973-757CA4C76442}" = dir=out | [email protected]{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{1EC304BB-C521-4D8B-A582-4F2EE722E4DC}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{24D425E2-072A-477E-92CC-7D92CFD167C3}" = dir=out | [email protected]{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | 
"{26C4B4A6-8A0C-4F15-9959-F8E282977E00}" = dir=out | [email protected]{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{277134EC-78C1-4F77-B4CB-E563093EF64A}" = dir=in | [email protected]{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | 
"{29F20560-5B44-4952-A917-69A0320C280E}" = dir=out | name=store purchase app | 
"{2AC6C8B4-74B5-4019-82EA-A57A8E72F743}" = dir=in | [email protected]{microsoft.windows.cloudexperiencehost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{352DA550-FEE3-4868-9337-75277D5A0363}" = dir=out | [email protected]{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | 
"{35A1FF58-91FD-4B5F-AFDE-D067E7EA878C}" = dir=in | name=microsoft solitaire collection | 
"{395DECDA-0C93-475B-A12F-98646CA04F39}" = dir=out | [email protected]{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} | 
"{39857C57-5249-4E4E-967F-43FA239F7A87}" = dir=out | [email protected]{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | 
"{3BBD5FF5-3D2A-4FD0-B64C-862046790A67}" = dir=out | [email protected]{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{3F27C5D9-A713-4722-876D-167CE538D957}" = dir=in | [email protected]{microsoft.bingsports_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | 
"{4717C7B6-F90C-42C7-A796-307ADE627767}" = dir=out | [email protected]{microsoft.windows.cloudexperiencehost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} | 
"{475AF18E-6766-4E64-9C6D-79FE5365420A}" = dir=out | [email protected]{microsoft.3dbuilder_14.1.1302.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} | 
"{4BC9E3F3-8DA6-4854-8D88-1672D103DB4B}" = dir=out | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{4DBA5E03-30BE-498D-A4F8-22502BBC0352}" = dir=out | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{545B524D-9008-4FB4-BC71-94E474DA0C60}" = dir=in | [email protected]{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{55DD5255-589E-4345-849C-579E930CB637}" = dir=in | [email protected]{microsoft.zunevideo_10.17042.14211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{572CEEC0-7554-4FD2-A680-CA09685E9609}" = dir=in | [email protected]{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{579A3131-E19C-4A86-8251-38D4E15AE59F}" = dir=in | [email protected]{microsoft.microsoftofficehub_17.8225.5925.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | 
"{588BA8EF-1342-41AE-9735-BE8DA9E9D78C}" = dir=in | [email protected]{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{5F1F91D3-33BC-4ED3-994F-BD3DAF1CBF98}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | 
"{6148C8D2-D284-4DF2-B479-5F7AD090B47F}" = dir=out | name=sway | 
"{6FE65FD1-5A85-4143-BD06-AC2FC20C8925}" = dir=out | [email protected]{microsoft.accountscontrol_10.0.14393.447_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | 
"{7658C6D0-DCC0-45FB-A5F3-45B8D8DC7BA0}" = dir=in | [email protected]{microsoft.zunemusic_10.17042.14111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{78307EC3-99F7-42ED-9505-0F87618F0EB1}" = dir=in | [email protected]{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{7F05C99F-BD81-43B2-A29B-BB076EE77730}" = dir=in | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{81913A64-A531-4719-8BD6-7249F4F76867}" = dir=in | name=microsoft sticky notes | 
"{8425443A-EB50-4BB5-BD23-485C45A5175B}" = dir=in | [email protected]{microsoft.microsoftedge_38.14393.1066.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{862BFE89-09CB-446B-A9AD-09D0F4F1CED2}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{89D444B3-A996-4A4F-B9F8-ED68A51B3EBD}" = dir=out | [email protected]{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} | 
"{8E8A2A12-1AC9-4797-B6DC-86DCE738D875}" = dir=out | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{9195B62F-6AE6-4868-83E2-DF2AE28E5AFB}" = dir=out | [email protected]{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} | 
"{921297DB-73AC-4F26-A0F2-7F05D04847B8}" = dir=out | [email protected]{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | 
"{9C0C3EB1-2737-4BD9-8948-31564819D67A}" = dir=out | name=windows_ie_ac_001 | 
"{9C12812A-6407-4FD2-9C3D-0C16F92962DE}" = dir=out | [email protected]{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | 
"{9CDD25E8-EA42-42F3-BCF2-541AA6D191CF}" = dir=out | [email protected]{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{9DEB7688-72C5-4C3B-AE52-262C236AEC02}" = dir=out | [email protected]{microsoft.accountscontrol_10.0.14393.1198_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} | 
"{9EB96858-5A1D-4DFC-ACA3-5DA15072B7B3}" = dir=out | [email protected]{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | 
"{9ED71899-8D5C-4A04-BAAF-968164ED7D9D}" = dir=out | name=microsoft sticky notes | 
"{A1322EFA-38FE-4A22-9642-F65D2912B6F2}" = dir=in | [email protected]{microsoft.commsphone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | 
"{A294064C-9F9A-4663-99A0-6D4A537C5C4C}" = dir=out | [email protected]{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | 
"{A44ED04B-813C-439C-9E2D-5F25BF7975CB}" = dir=out | [email protected]{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} | 
"{A6A9FCC6-A151-425A-97D7-405CAA676DD7}" = dir=out | name=windows_ie_ac_001 | 
"{B16C203E-A732-422C-A176-EE04EDFA0E4A}" = dir=in | [email protected]{microsoft.windowsfeedbackhub_1.1704.1361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | 
"{B46E105E-D282-4175-A5BA-742902E39734}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} | 
"{B48475FB-262B-4097-87B8-890945300912}" = dir=out | [email protected]{microsoft.bingsports_4.20.1102.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} | 
"{B99E9C32-7F9A-4284-BBE9-D4CF9DBFBAB4}" = dir=in | [email protected]{microsoft.windowsstore_11703.1001.45.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} | 
"{BB3FF156-C2EE-49F8-91C9-FA3F8C8A1899}" = dir=out | [email protected]{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} | 
"{C0B41BEE-9168-49F7-94AE-6F41ADA47B66}" = dir=out | [email protected]{microsoft.windows.shellexperiencehost_10.0.14393.1198_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} | 
"{C6417E46-9E6A-49E4-A988-7FE39BE22D0A}" = dir=out | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{CBC596DD-44D0-4EF7-BC5B-C0FF5AD9C3F4}" = dir=out | [email protected]{microsoft.zunevideo_10.17042.14211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{CBDBC7BD-B2FE-4B82-8849-FABDC2D7210A}" = dir=out | [email protected]{microsoft.microsoftedge_38.14393.1066.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{CE3DD39E-A605-44E0-B8F8-7E22B423A65F}" = dir=out | [email protected]{microsoft.windowsfeedbackhub_1.1704.1361.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} | 
"{CF537554-00FA-4847-8889-ABE3C64FC9EA}" = dir=in | [email protected]{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} | 
"{D13A32A3-6A6E-4055-AA25-B814786CA9F7}" = dir=out | [email protected]{microsoft.microsoftofficehub_17.8225.5925.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} | 
"{D3906002-1DF1-43F2-8A16-E3EF96FE8D2C}" = dir=in | [email protected]{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | 
"{DC25A611-57E0-4F01-BEEE-C387AB79DF4E}" = dir=out | [email protected]{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} | 
"{DEA01167-1B06-44F9-8A98-A74EAD481B97}" = dir=in | name=sway | 
"{DFD1B3B9-7656-4B0D-A95C-91F77390039D}" = dir=out | [email protected]{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} | 
"{E050F406-0803-464D-8725-04E3B81CA727}" = dir=out | [email protected]{microsoft.windows.photos_17.425.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | 
"{E11476EA-A82A-41BF-8C67-D0F7234535BA}" = dir=in | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{E1CB9F2D-848D-41B3-8310-CED5FA7B0420}" = dir=out | [email protected]{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} | 
"{E328C801-223D-4AAB-B51A-04C796F83330}" = dir=out | [email protected]{microsoft.windowsmaps_5.1705.1391.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} | 
"{E40B7B94-B009-4770-87CE-531A028C7335}" = dir=out | [email protected]{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} | 
"{E715119A-201D-4122-BAAB-72510671BDA6}" = dir=out | [email protected]{microsoft.zunemusic_10.17042.14111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{E80FC717-6870-4810-8516-2ECC07DA4E19}" = dir=in | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{EAB99310-3BA0-4831-87D0-B2C36DDAF223}" = dir=out | [email protected]{microsoft.commsphone_1.10.15000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} | 
"{F18470D9-B1D5-4425-96F1-CAD39586A6ED}" = dir=in | [email protected]{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} | 
"{F625E322-1859-43A3-ACF5-0FB9E9C33F27}" = dir=out | [email protected]{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} | 
"{F747599F-969E-426E-A140-002FB40929A1}" = dir=out | [email protected]{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} | 
"{F9BCF441-3BCC-436E-9A87-C7A57686F12C}" = dir=in | [email protected]{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} | 
"{FA8B6819-AF14-4562-B016-BA70BD766420}" = dir=in | name=onenote | 
"{FCE11E83-983D-4AC8-9DDB-B7712AD45A3A}" = dir=in | [email protected]{microsoft.windows.photos_17.425.10010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} | 
"{FDFF68D7-0174-47C5-AC0A-2115D824B28A}" = dir=out | name=microsoft solitaire collection | 
"{FE692247-511D-494E-B9A4-31CAE449268C}" = dir=in | [email protected]{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 3.0.6.1469
"{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}" = Microsoft Audio Enhancement Troubleshooter installer
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"CCleaner" = CCleaner
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824225037}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 5/3/2017 8:31:24 PM | Computer Name = Canaday | Source = Application Error | ID = 1000
Description = Faulting application name: microsoftedgecp.exe, version: 11.0.14393.953,
 time stamp: 0x58ba5911  Faulting module name: EdgeContent.dll, version: 11.0.14393.1066,
 time stamp: 0x58d9f28c  Exception code: 0xc0000409  Fault offset: 0x0000000000067c40
Faulting
 process id: 0x184c  Faulting application start time: 0x01d2c467366ce3a2  Faulting application
 path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting
 module path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EdgeContent.dll
Report
 Id: 10e86e0f-0a73-4191-8688-9d76fbb88840  Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Faulting
 package-relative application ID: MicrosoftEdge
 
Error - 5/10/2017 5:39:00 PM | Computer Name = Canaday | Source = Perflib | ID = 1008
Description = 
 
Error - 5/18/2017 7:00:59 PM | Computer Name = Canaday | Source = Application Hang | ID = 1002
Description = The program MicrosoftEdgeCP.exe version 11.0.14393.953 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Security and Maintenance control panel.    Process
 ID: 15fc    Start Time: 01d2d02a6b1b2a84    Termination Time: 9    Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Report
 Id: d828d88b-3c1d-11e7-b31a-78843cdfbfd6    Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe

Faulting
 package-relative application ID: MicrosoftEdge  
 
Error - 5/22/2017 7:22:49 PM | Computer Name = Canaday | Source = Perflib | ID = 1008
Description = 
 
Error - 5/23/2017 11:51:00 PM | Computer Name = Canaday | Source = Application Error | ID = 1000
Description = Faulting application name: microsoftedgecp.exe, version: 11.0.14393.953,
 time stamp: 0x58ba5911  Faulting module name: EdgeContent.dll, version: 11.0.14393.1198,
 time stamp: 0x5902824f  Exception code: 0xc0000409  Fault offset: 0x0000000000067c30
Faulting
 process id: 0x254  Faulting application start time: 0x01d2d43969640f2d  Faulting application
 path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting
 module path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EdgeContent.dll
Report
 Id: 77747755-9a30-4f50-8584-b02b5df20c3a  Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Faulting
 package-relative application ID: MicrosoftEdge
 
Error - 5/30/2017 12:49:48 PM | Computer Name = Canaday | Source = Application Error | ID = 1000
Description = Faulting application name: microsoftedgecp.exe, version: 11.0.14393.953,
 time stamp: 0x58ba5911  Faulting module name: ntdll.dll, version: 10.0.14393.479,
 time stamp: 0x5825887f  Exception code: 0xc0000005  Fault offset: 0x000000000004acbd
Faulting
 process id: 0x10e8  Faulting application start time: 0x01d2d9603b7db0db  Faulting application
 path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting
 module path: C:\WINDOWS\SYSTEM32\ntdll.dll  Report Id: 489e06fc-7833-4751-89d5-59322cf74a18
Faulting
 package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Faulting
 package-relative application ID: MicrosoftEdge
 
Error - 5/31/2017 9:27:48 PM | Computer Name = Canaday | Source = Application Error | ID = 1000
Description = Faulting application name: microsoftedgecp.exe, version: 11.0.14393.953,
 time stamp: 0x58ba5911  Faulting module name: Flash.ocx_unloaded, version: 25.0.0.171,
 time stamp: 0x59016c7a  Exception code: 0xc0000005  Fault offset: 0x00000000002dd5da
Faulting
 process id: 0xb74  Faulting application start time: 0x01d2da763f91bdc1  Faulting application
 path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting
 module path: Flash.ocx  Report Id: bf5904d5-e56e-4842-80c5-253d36a2e53c  Faulting package
 full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe  Faulting
 package-relative application ID: MicrosoftEdge
 
Error - 6/2/2017 12:07:51 AM | Computer Name = Canaday | Source = Application Error | ID = 1000
Description = Faulting application name: microsoftedgecp.exe, version: 11.0.14393.953,
 time stamp: 0x58ba5911  Faulting module name: EdgeContent.dll, version: 11.0.14393.1198,
 time stamp: 0x5902824f  Exception code: 0xc0000409  Fault offset: 0x0000000000067c30
Faulting
 process id: 0x1ac0  Faulting application start time: 0x01d2db4e9691b44e  Faulting application
 path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Faulting
 module path: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\EdgeContent.dll
Report
 Id: ee6d3b8e-7aec-422a-83da-3ee6ff6467a2  Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe
Faulting
 package-relative application ID: MicrosoftEdge
 
Error - 6/3/2017 7:06:35 PM | Computer Name = Canaday | Source = Application Hang | ID = 1002
Description = The program MicrosoftEdgeCP.exe version 11.0.14393.953 stopped interacting
 with Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Security and Maintenance control panel.    Process
 ID: 7c8    Start Time: 01d2dcbcdd3da95e    Termination Time: 10    Application Path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Report
 Id: 474f5b1c-48b1-11e7-b31a-78843cdfbfd6    Faulting package full name: Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe

Faulting
 package-relative application ID: MicrosoftEdge  
 
Error - 6/4/2017 11:12:20 PM | Computer Name = Canaday | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Cryptographic Services failed while processing the OnIdentity() call
 in the System Writer Object.  Details: AddLegacyDriverFiles: Unable to back up image
 of binary Microsoft Link-Layer Discovery Protocol.  System Error: Access is denied.
.
 
[ System Events ]
Error - 6/2/2017 12:08:20 AM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/2/2017 5:32:24 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/2/2017 8:22:44 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/2/2017 8:27:35 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/2/2017 8:44:22 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/3/2017 6:35:38 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/3/2017 11:06:48 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/4/2017 6:43:00 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/4/2017 11:16:56 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
Error - 6/4/2017 11:17:58 PM | Computer Name = Canaday | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >

Share this post


Link to post
Share on other sites

Hey Nathan, 

We need to Run an OTL fix !!
Warning This fix is only relevant for this system and no other, using on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

    * Double-click OTL.exe to start the program.
    * Copy and Paste the following code into the http://img.photobucket.com/albums/v317/flashh4/Paste%20OTL%20script%20here.png  text box of the OTL tool/program ! Start with and include the colon plus  :OTL
Copy everthing in RED and Paste into the box in the OTL program !!
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.


:Commands

[emptyjava]
[emptyflash]
[EMPTYTEMP]
[RESETHOSTS]
[CREATERESTOREPOINT]
[Reboot]


# Then click the Run Fix button at the top.
# Click http://img.photobucket.com/albums/v317/flashh4/btnOK.png[/IMG]
# Please post the contents of the fix log file back here if you are prompted to open the file. It can also be found at C:\_OTL\Moved Files as MMDDYYY_HHMMSS.log where MMDDYYY is date format and HHMMSS is time format.
Remember to enable your real time protection.

Post that log next !
Thanks
Chuck
 

Share this post


Link to post
Share on other sites

Nathan, i guess we will wrap this up tomorrow or when you post the OTL log ! I will then make one more post !!

Thanks

Chuck

Share this post


Link to post
Share on other sites

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ms folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\he folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es_419 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_US folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ms folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\he folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es_419 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_US folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ms folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\he folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\eu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es_419 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_US folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\he folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\en folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\pt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\nb folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\eu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\en folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\lib\libs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\lib folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\js\libs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\js folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\images folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data\css folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\data folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ms folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\he folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es_419 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_US folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_HK folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ur folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\te folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ta folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sw folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\si folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ne folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ms folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\mn folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ml folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\lo folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\kn folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\km folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ka folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\iw folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\is folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hy folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\gl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr_CA folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\fa folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\eu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es_419 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_US folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bn folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\az folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\am folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales\af folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\nb folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\es_419 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\en_GB folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\en folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\images folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\html folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\css folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\zh_CN folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\se folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\no folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\en folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0 folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_metadata folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\zh_TW folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\zh folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\vi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\uk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\tr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\th folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\te folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ta folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sw folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\sk folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ru folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ro folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pt_PT folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pt_BR folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\pl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\nl folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\nb folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ms folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\mr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ml folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\lv folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\lt folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ko folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\kn folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ja folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\iw folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\it folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\id folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\hu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\hr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\hi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\gu folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fr folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fil folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fi folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\fa folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\et folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\es folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\en folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\el folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\de folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\da folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\cs folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ca folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\bn folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\bg folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\ar folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales\am folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\_locales folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cloud_route_details folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\cast_setup folder moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0 folder moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Canaday
->Java cache emptied: 50014 bytes
 
User: Default
 
User: Default User
 
User: Default.migrated
 
User: Public
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Canaday
->Flash cache emptied: 2620 bytes
 
User: Default
 
User: Default User
 
User: Default.migrated
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: Canaday
->Temp folder emptied: 190745937 bytes
->Temporary Internet Files folder emptied: 1356481 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 435095415 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default.migrated
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 290224 bytes
%systemroot%\System32 (64bit) .tmp files removed: 27505920 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7378623 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 632.00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.69.0 log created on 06042017_223739

Files\Folders moved on Reboot...
File\Folder C:\Users\Canaday\AppData\Local\Temp\etilqs_5b08LhCecjdniJg not found!
File\Folder C:\Users\Canaday\AppData\Local\Temp\etilqs_ts7akVxaYbkkFH7 not found!
File\Folder C:\Users\Canaday\AppData\Local\Temp\etilqs_wXBBUGzsYxzBPMp not found!
File move failed. C:\Users\Canaday\AppData\Local\Microsoft\Windows\INetCache\counters.dat scheduled to be moved on reboot.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
File\Folder C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\f_01bfb7 not found!
File\Folder C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\f_01bfb8 not found!
File\Folder C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\f_01bfb9 not found!
C:\Users\Canaday\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\WINDOWS\SysNative\SET365B.tmp scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysNative\SET42F9.tmp scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Share this post


Link to post
Share on other sites

Nathan, your logs show nothing bad on your computer just a bunch of vacated files/folders to clean up !! 

Clean up of Malware Removal Tools

Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

    Download Delfix to your desktop and double click it to start the program [url=http://api.viglink.com/api/click?format=go&jsonp=vglnk_jsonp_14102815956339&key=bf4adfcbb328b51c165afd7f95bfc060&libId=64704d6e-537a-4ac2-beea-64e5d35e3f5f&loc=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Ftopic%2F342065-very-slow-computer-aswmbr-rootkit-not-working%2Fpage-2&v=1&out=https%3A%2F%2Ftoolslib.net%2Fdownloads%2Fviewdownload%2F2-delfix%2F&ref=http%3A%2F%2Fwww.geekstogo.com%2Fforum%2Fforum%2F37-virus-spyware-malware-removal%2F&title=Very%20slow%20computer%2C%20aswMBR%20rootkit%20not%20working%20%5BClosed%5D%20-%20Page%202%20-%20Virus%2C%20Spyware%2C%20Malware%20Removal&txt=here]here[/url]             
    Ensure Remove disinfection tools is ticked
    Also tick:
    o Create registry backup
    o Purge system restore

    o Click Run
    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.


===================================

 
Congratulation you are clean !!! 

Any of the logs that you created for use in the forums or remaining tools that have not yet been removed can be deleted so they aren't cluttering up your desktop.

This is my standard "All Clean Speech." You may have some already installed, these are just recommendations !

Here are some tips to reduce the potential for spyware infection in the future:

Here are some tips to reduce the potential for spyware/malware infection in the future:
 
1. Make your Internet Explorer more secure - This can be done by following these simple instructions:

    From within Internet Explorer click on the Tools menu and then click onOptions.
    Click once on theSecurity tab
    Click once on the Internet icon so it becomes highlighted.
    Click once on the Custom Level button.
    Change the Download signed ActiveX controls to Prompt
    Change the Download unsigned ActiveX controls to Disable
    Change the Initialize and script ActiveX controls not marked as safe to Disable
    Change the Installation of desktop items to Prompt
    Change the Launching programs and files in an IFRAME to Prompt
    Change the Navigate sub-frames across different domains to Prompt
    When all these settings have been made, click on the OK button.
    If it prompts you as to whether or not you want to save the settings, press the Yes button.
    Next press the Apply button and then the OK to exit the Internet Properties page.

2. FireFox  If you use Firefox, I recommend installing the following add-ons to help make your Firefox browser more secure.
[url=https://addons.mozilla.org/en-US/firefox/addon/noscript/]NoScript[/url][/color]

[url= https://adblockplus.org/en/firefox] adblock plus[/url]

 
3. Use and update an anti-virus software - I can not overemphasize the need for you to use and update your anti-virus application on a regular basis.  With the ever increasing number of new variants of malware arriving on the scene daily, you become very susceptible to an attack without updated protection.
 
4. Firewall Using a third-party firewall will allow you to give/deny access for applications that want to go online. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can lower your risk greatly.   **There are firewalls that could be downloaded and used but I would personally only recommend using one of the following below:
[url=http://download.cnet.com/Online-Armor-Free/3000-10435_4-10426782.html]Online Armor Free[/url]
[url=http://download.cnet.com/Agnitum-Outpost-Firewall-Free/3000-10435_4-10913746.html]Agnitum Outpost Firewall Free [/url]
[url=http://personalfirewall.comodo.com/]Comodo Firewall Free [/url]
 
5. Make sure you keep your Windows OS current. And regularly to download and install any critical updates and service packs. Windows Vista/7 users can open the Start menu > All Programs > Windows Update > Check for Updates (in left hand task pane) to update these systems.  Without these you are leaving the back door open.
 
6.[url=http://www.mywot.com/]WOT[/url](Web of Trust) As "Googling" is such an integral part of internet life, this free browser add on warns you about risky websites that try to scam visitors, deliver malware or send spam. It is especially helpful when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites.  WOT has an add-on available for Firefox, Internet Explorer as well as Google Chrome.
 
7. Finally, I strongly recommend that you read Miekiemoes' great advice [url= http://users.telenet.be/bluepatchy/miekiemoes/prevention.html] How to prevent malware[/url] .

 It may run a tad slow until a few normal re-boots, but according to all logs you are clean !!

Thanks & Happy Surfing 
Chuck
 

Share this post


Link to post
Share on other sites

You are most welcome ! I will lock this topic in 5 days ! 

Thanks

Chuck

Share this post


Link to post
Share on other sites

This topic is now locked !! If for any reason you need it re-opened please PM me or any Mod !!

Thanks

Chuck

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this