LandzDown Forum

This is a friend's computer. I made some ordinary user's cleaning last year, but it seems now that it needs an expert's hand to find itself again.

These are the FRST logs:

FRST log (PART I)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Rodoula (administrator) on NICROD (23-06-2018 12:28:05)
Running from C:\Users\Rodoula\Desktop
Loaded Profiles: Rodoula (Available Profiles: Rodoula)
Platform: Windows 10 Home Version 1803 17134.81 (X64) Language: Greek (Greece)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Integral\IntegralCrawler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Rodoula\AppData\Local\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Rodoula\AppData\Local\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2014-10-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-3414196017-733389354-2935765532-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3414196017-733389354-2935765532-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1223560 2017-05-08] (Ruiware)
HKU\S-1-5-21-3414196017-733389354-2935765532-1001\...\Run: [Google Update] => C:\Users\Rodoula\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-18] (Google Inc.)
HKU\S-1-5-21-3414196017-733389354-2935765532-1001\...\RunOnce: [Uninstall 18.065.0329.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodoula\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\amd64"
HKU\S-1-5-21-3414196017-733389354-2935765532-1001\...\RunOnce: [Uninstall 18.065.0329.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rodoula\AppData\Local\Microsoft\OneDrive\18.065.0329.0002"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6942086f-0ff7-4045-914f-fcdd1e88d71f}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{9c788798-6e50-42b9-9664-c6a77b4b0b36}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQALL13/23
HKU\S-1-5-21-3414196017-733389354-2935765532-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQALL13/23
SearchScopes: HKLM -> {21C9CF5C-D0AD-40E0-AD55-C33DF40F6E8D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://gr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://gr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKU\S-1-5-21-3414196017-733389354-2935765532-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://gr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => No File
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll => No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

FireFox:
========
FF DefaultProfile: glun30nm.default
FF ProfilePath: C:\Users\Rodoula\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\glun30nm.default [2018-06-20]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\glun30nm.default -> hxxp://www.google.com
FF Extension: (Adblock Latitude) - C:\Users\Rodoula\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\glun30nm.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2018-04-10] [Legacy] [not signed]
FF Extension: (Youtube MP3 Podcaster) - C:\Users\Rodoula\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\glun30nm.default\Extensions\youtubemp3podcaster@jeremy.d.gregorio.com [2017-06-23] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-22] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-22] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-3414196017-733389354-2935765532-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Rodoula\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3414196017-733389354-2935765532-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Rodoula\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Rodoula\AppData\Local\Google\Chrome\User Data\Default [2018-06-23]
CHR Extension: (Docs) - C:\Users\Rodoula\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-14]
CHR Extension: (AVG Secure Search) - C:\Users\Rodoula\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-10-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rodoula\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\Rodoula\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-07]
CHR Profile: C:\Users\Rodoula\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-12]
CHR HKU\S-1-5-21-3414196017-733389354-2935765532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 Integral Crawler; C:\Program Files\Integral\IntegralCrawler.exe [3919224 2013-03-07] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-28] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-05-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-05-31] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-11] (Malwarebytes)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2018-04-12] (MediaTek Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-29] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-05-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-05-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-05-31] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-23 12:28 - 2018-06-23 12:29 - 000018553 _____ C:\Users\Rodoula\Desktop\FRST.txt
2018-06-23 12:27 - 2018-06-23 12:28 - 000000000 ____D C:\FRST
2018-06-23 12:25 - 2018-06-23 12:25 - 002412544 _____ (Farbar) C:\Users\Rodoula\Desktop\FRST64.exe
2018-06-23 12:19 - 2018-06-23 12:20 - 001773056 _____ (Farbar) C:\Users\Rodoula\Desktop\FRST.exe
2018-06-20 14:29 - 2018-06-20 14:29 - 004040172 _____ C:\Users\Rodoula\Downloads\christmas-after-party-escape (1).swf
2018-06-20 14:28 - 2018-06-20 14:28 - 004040172 _____ C:\Users\Rodoula\Downloads\Unconfirmed 276316.crdownload
2018-06-20 14:23 - 2018-06-20 14:24 - 040552456 _____ C:\Users\Rodoula\Downloads\(HQ) Seasons Of Love (Ζήσε με αγάπη) - RENT - New Video Clip (Σφεντόνα 2010-11).mp4
2018-06-11 20:40 - 2018-06-11 21:17 - 000136986 _____ C:\Users\Rodoula\Downloads\tf16410086.xlsx
2018-06-11 14:57 - 2018-06-11 14:57 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-06-11 14:56 - 2018-06-11 14:56 - 000001417 _____ C:\Users\Rodoula\Desktop\Microsoft Edge.lnk
2018-06-11 04:16 - 2018-06-13 18:48 - 000000000 ____D C:\Users\Rodoula\AppData\Local\PlaceholderTileLogoFolder
2018-06-11 02:22 - 2018-06-22 06:03 - 000000000 ____D C:\Windows.old
2018-06-11 02:15 - 2018-06-11 02:15 - 000000020 ___SH C:\Users\Rodoula\ntuser.ini
2018-06-11 02:14 - 2018-06-11 02:22 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-06-11 02:13 - 2018-06-23 12:24 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3414196017-733389354-2935765532-1001
2018-06-11 02:13 - 2018-06-18 21:10 - 000003254 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForRodoula
2018-06-11 02:13 - 2018-06-11 02:14 - 000003632 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-11 02:13 - 2018-06-11 02:14 - 000003524 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3414196017-733389354-2935765532-1001UA
2018-06-11 02:13 - 2018-06-11 02:14 - 000003256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3414196017-733389354-2935765532-1001Core
2018-06-11 02:13 - 2018-06-11 02:14 - 000003106 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6DCF9C0B-E7D1-41C6-8526-B8BD81882856}
2018-06-11 02:13 - 2018-06-11 02:14 - 000002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3414196017-733389354-2935765532-1001
2018-06-11 02:13 - 2018-06-11 02:14 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3414196017-733389354-2935765532-500
2018-06-11 02:13 - 2018-06-11 02:14 - 000002316 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2018-06-11 02:13 - 2018-06-11 02:13 - 000003408 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-11 02:13 - 2018-06-11 02:13 - 000003016 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-06-11 02:13 - 2018-06-11 02:13 - 000002866 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2018-06-11 02:13 - 2018-06-11 02:13 - 000002352 _____ C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8
2018-06-11 02:13 - 2018-06-11 02:13 - 000002340 _____ C:\WINDOWS\System32\Tasks\MirageAgent
2018-06-11 02:13 - 2018-06-11 02:13 - 000002048 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2018-06-11 02:13 - 2018-06-11 02:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-11 02:13 - 2018-06-11 02:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-06-11 02:13 - 2018-06-11 02:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-06-11 02:13 - 2018-06-11 02:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2018-06-11 02:13 - 2012-12-26 03:47 - 000002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-666577921-3711047924-659843981-500
2018-06-11 02:13 - 2012-08-20 11:58 - 000003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-162013581-403268946-3148210563-500
2018-06-11 02:12 - 2018-06-11 02:14 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-06-11 02:11 - 2018-06-11 02:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-06-11 02:10 - 2018-06-11 02:13 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-06-11 02:10 - 2018-06-11 02:13 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-06-11 02:06 - 2018-06-11 02:06 - 025844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 022709248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 022001664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 007582720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 006816848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 006567904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 006527568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 004787960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 004563968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 004402768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002564984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002536056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-11 02:06 - 2018-06-11 02:06 - 002016256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-11 02:06 - 2018-06-11 02:06 - 001947808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001097648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001017056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000861608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000457144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000416120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-11 02:06 - 2018-06-11 02:06 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-11 02:05 - 2018-06-11 02:05 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 007436632 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 004372480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003733312 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002896896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 002836376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002486984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001800080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001767936 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001462288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-11 02:05 - 2018-06-11 02:05 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001209792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001140576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-11 02:05 - 2018-06-11 02:05 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-11 02:05 - 2018-06-11 02:05 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 001033728 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-11 02:05 - 2018-06-11 02:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-11 02:05 - 2018-06-11 02:05 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000748504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000722288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000707480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-06-11 02:05 - 2018-06-11 02:05 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-06-11 02:05 - 2018-06-11 02:05 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000193936 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-11 02:05 - 2018-06-11 02:05 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2018-06-11 02:05 - 2018-06-11 02:05 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-11 02:05 - 2018-06-11 02:05 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-11 02:05 - 2018-06-11 02:05 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-06-11 01:36 - 2018-06-11 01:36 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-06-11 01:36 - 2018-06-11 01:36 - 000000000 ____D C:\inetpub
2018-06-11 01:35 - 2018-06-11 02:22 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-06-11 01:35 - 2018-06-11 01:35 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-06-11 01:35 - 2018-06-11 01:35 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-06-11 01:35 - 2018-06-11 01:35 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-06-11 01:35 - 2018-06-11 01:35 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-06-11 01:35 - 2018-06-11 01:35 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-06-11 01:35 - 2018-06-11 01:35 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-06-11 01:35 - 2018-06-11 01:35 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-06-11 01:35 - 2018-06-11 01:35 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-06-11 01:35 - 2018-06-11 01:35 - 000000000 ____D C:\Program Files\MSBuild
2018-06-11 01:35 - 2018-06-11 01:35 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-06-11 01:33 - 2018-06-11 01:33 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-06-11 01:33 - 2018-06-11 01:33 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-06-11 01:33 - 2018-06-11 01:33 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-06-11 01:33 - 2018-06-11 01:33 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-06-11 01:33 - 2018-06-11 01:33 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-06-11 01:33 - 2018-06-11 01:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-06-11 01:33 - 2018-06-11 01:33 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-06-11 01:33 - 2018-06-11 01:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-06-11 01:32 - 2018-06-23 12:23 - 000002405 _____ C:\Users\Rodoula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-11 01:32 - 2018-06-11 02:15 - 000000000 ____D C:\Users\Rodoula
2018-06-11 01:32 - 2018-06-11 01:48 - 000000000 ____D C:\Users\Rodoula\Documents\hp.system.package.metadata
2018-06-11 01:32 - 2018-06-11 01:39 - 000000000 ____D C:\Users\Rodoula\AppData\Local\Microsoft Help
2018-06-11 01:32 - 2018-06-11 01:32 - 006238208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000c.dll
2018-06-11 01:32 - 2018-06-11 01:32 - 006238208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000c.dll
2018-06-11 01:32 - 2018-06-11 01:32 - 002356736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000c.dll
2018-06-11 01:32 - 2018-06-11 01:32 - 002268672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000c.dll
2018-06-11 01:32 - 2018-06-11 01:32 - 000000000 _SHDL C:\Users\Rodoula\Τα έγγραφά μου
2018-06-11 01:32 - 2018-06-11 01:32 - 000000000 _SHDL C:\Users\Rodoula\Documents\Τα βίντεό μου
2018-06-11 01:32 - 2018-06-11 01:32 - 000000000 _SHDL C:\Users\Rodoula\Documents\Οι εικόνες μου
2018-06-11 01:32 - 2018-06-11 01:32 - 000000000 _SHDL C:\Users\Rodoula\Documents\Η μουσική μου
2018-06-11 01:32 - 2018-06-11 01:32 - 000000000 _SHDL C:\Users\Rodoula\AppData\Roaming\Microsoft\Windows\Start Menu\Προγράμματα
2018-06-11 01:32 - 2015-10-09 08:19 - 000000000 ____D C:\Users\Rodoula\AppData\Roaming\TuneUp Software
2018-06-11 01:32 - 2014-11-04 21:31 - 000000000 ____D C:\Users\Rodoula\Documents\hp.applications.package.appdata
2018-06-11 01:32 - 2014-09-24 19:17 - 000000369 _____ C:\Users\Rodoula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2018-06-11 01:32 - 2014-09-24 19:17 - 000000369 _____ C:\Users\Rodoula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2018-06-11 01:31 - 2018-06-11 01:49 - 001678942 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-11 01:28 - 2018-06-11 01:28 - 000000000 ____D C:\ProgramData\USOShared
2018-06-11 01:28 - 2018-04-12 02:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-06-11 01:23 - 2018-06-22 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-11 01:23 - 2018-06-11 01:41 - 000413120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-05 13:10 - 2018-06-11 02:16 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-28 09:28 - 2018-05-28 09:28 - 000035328 _____ C:\Users\Rodoula\Downloads\11_arithmitiki_grammi (1).pub
2018-05-28 08:45 - 2018-05-28 08:45 - 000620817 _____ C:\Users\Rodoula\Downloads\ACLASSJUNE2016.zip
2018-05-27 11:29 - 2018-05-27 11:37 - 159010449 _____ C:\Users\Rodoula\Downloads\math_a1.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-23 12:23 - 2014-11-05 15:05 - 000000000 __RDO C:\Users\Rodoula\OneDrive
2018-06-23 12:17 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-23 12:15 - 2018-04-12 02:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-21 12:28 - 2015-10-10 11:14 - 000000000 ____D C:\Users\Rodoula\AppData\Roaming\vlc
2018-06-21 11:42 - 2018-04-12 02:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-20 21:59 - 2016-09-26 20:59 - 000000000 ____D C:\Users\Rodoula\Desktop\RODOULA5
2018-06-20 14:29 - 2018-04-12 02:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-19 22:17 - 2016-10-19 22:11 - 000000000 ____D C:\ProgramData\MCShield
2018-06-18 21:10 - 2017-01-17 15:14 - 000000354 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRodoula.job
2018-06-18 20:05 - 2017-12-22 18:41 - 000000000 ____D C:\Users\Rodoula\AppData\Roaming\dvdcss
2018-06-18 04:15 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-18 04:15 - 2018-04-12 02:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-15 22:31 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-06-13 05:45 - 2013-09-02 21:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 05:39 - 2017-10-12 18:47 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 05:39 - 2013-09-02 21:11 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-12 20:44 - 2018-05-14 14:32 - 000002544 _____ C:\Users\Rodoula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-12 20:44 - 2018-05-14 14:32 - 000002507 _____ C:\Users\Rodoula\Desktop\Google Chrome.lnk
2018-06-11 14:59 - 2018-02-06 21:14 - 000000000 ____D C:\Users\Rodoula\AppData\Local\Packages
2018-06-11 14:56 - 2018-04-12 02:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-06-11 03:57 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-06-11 02:22 - 2018-05-11 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-11 02:22 - 2018-04-12 02:41 - 000000000 ____D C:\WINDOWS\Setup
2018-06-11 02:22 - 2018-04-12 02:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-06-11 02:22 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-11 02:22 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-06-11 02:22 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-06-11 02:22 - 2018-04-12 02:38 - 000000000 ____D C:\WINDOWS\system3

... Another problem here from me... And it's very very annoying!

Every time I'm trying to make something with a folder, I get the message that the action cannot be completed, as the folder is opened in another program. The problem is fixed, only with a restart, but: only one action can be done after a restart!

E.g.

I have two files and I want to move them in a folder. I get the message above. I restart the computer, and then, one of the two files gets into the folder. I'm trying to move the other one, I get the message. I restart the computer, and the second folder moves into the folder. I'm trying to rename the folder, I get the message! I restart the computer, and I can rename the folder!

I tried several things before decide to write about it here (http://www.thewindowsclub.com/action-cant-be-completed-because-file-is-open), but nothing seems to fix the problem! I noticed this issue a couple of months ago, but I didn't pay attention. Now I see that it's really a problem... Any suggestions?

In the Orthodox faith and tradition, today is one of the two Saturdays of the year dedicated to the souls of the fallen. We remember and pray for those who left us. Surely there are many people from different countries and cultures in this forum, but I think that most of us share similar thoughts about our beloved persons they have gone. For the LzD's fallen heroes, and for all those fallen ones we have in our mind,

https://www.youtube.com/watch?v=Ze0ad3XCkRA


Wings of a Butterfly

As I was walking deep in sorrow thinking about the times we shared
A butterfly danced round me, a white cloud in the evening air
And I knew that your soul was finally home and free
But it felt like a blessing, a message from you to me

Now you can fly, now you can soar
So high above this world where troubles are no more
The time has come to say goodbye
And let your soul go to heaven on the wings of a butterfly

Just a few days after they called us to a church to pray
Loved ones gathered round you to bless and send you on your way
And as I got up to speak, it suddenly caught my eye
White wings against the window, a beautiful butterfly...

Now you can fly, now you can soar
So high above this world where troubles are no more
This love of ours will never die
So let your soul go to heaven on the wings of a butterfly
One day we'll meet again in heaven and we'll fly like that butterfly

© Jimmy Scott/English Channel Music/Ascap

Every time I shut down my computer, I get the message that an app is preventing it from shut down:

Task Host Window

Task Host is stopping background tasks. Microsoft\Windows\Device Client\RegisterUserDevice

I read that this is possible to happen after an update. In fact, my update status is Checking for updates all the time. The last installed update is on April 6th (about Office 2013).

Is there anything I can do to stop this?

Hello. 

I have to fill some pdf forms, and I would like to ask if there is a way to do this, without using Adobe Acrobat software.

If you want to kill your time, try these pages:

1. Create sand made pictures:  https://thisissand.com/ 

2. Make the boss thinks that you are waiting the updates as long as you want:  http://fakeupdate.net/

3. Play 2048: https://gabrielecirulli.github.io/2048/

More coming soon. Do you have similar examples to share? 

Hello. 

This time, I would like to ask for your opinion about email clients.

I now use Thunderbird, but I like the appearance of the new Windows 10 Mail app. Although, I have read that this app does not provide the same levels of security, compared with Thunderbird.

What email client (if you use such one) do you use, and what is your recommendation? What about security? Cons and pros?

P.S. I think that I asked for opinions for this subject a couple of years ago. Then, I decided to stay with Thunderbird, but now I see that the new app has some improvements I like.

Perhaps I'm getting paranoic, but please, can you tell me what to do about this:

I'm working on my computer, and the last half an hour Eset warns me that two new devices are connected with my network (please see attachment). I called my sister to ask if they connected with my wifi, and the answer is no. There are also two unknown devices in the picture, connected one day ago. What does this mean?