Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017 01 (ATTENTION: ====> FRST version is 65 days old and could be outdated)
Ran by Julie (administrator) on JULIE-PC (21-11-2017 13:32:51)
Running from C:\Users\Julie\Desktop\Techspot\FRST-OlderVersion
Loaded Profiles: UpdatusUser & Julie & DefaultAppPool (Available Profiles: UpdatusUser & Julie & DefaultAppPool)
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Julie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Amazon Services LLC) C:\Users\Julie\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.XboxIdentityProvider_11.29.23003.0_x64__8wekyb3d8bbwe\XboxIdp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\bfgclient\bfggameservices.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-02-06] (Intel Corporation)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2012-12-27] (Atheros Commnucations)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-16] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-860533698-1946648191-3752025309-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Julie\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\...\Run: [Amazon Music Helper] => C:\Users\Julie\AppData\Local\Amazon Music\Amazon Music Helper.exe [3981288 2017-11-13] (Amazon Services LLC)
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\...\MountPoints2: {2f3a58a5-b38a-11e7-9daf-9cd21e5b043c} - "J:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk [2015-08-24]
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Julie\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.203.226
Tcpip\..\Interfaces\{7c3e1ef1-f2d1-471c-a893-6d95b24f8432}: [DhcpNameServer] 192.168.0.1 205.171.203.226
Tcpip\..\Interfaces\{8d9c2332-e1b8-4bad-ac4b-91474b9c610b}: [DhcpNameServer] 192.168.0.1 205.171.203.226
Internet Explorer:
==================
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-860533698-1946648191-3752025309-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-860533698-1946648191-3752025309-1002 -> DefaultScope {22A73F88-9445-4103-BAC9-3A3DACC0DF07} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-860533698-1946648191-3752025309-1002 -> {22A73F88-9445-4103-BAC9-3A3DACC0DF07} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-860533698-1946648191-3752025309-1002 -> {B34E0CBB-5D9E-4AA1-8222-E1AA0A9C9439} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-09-05] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-12-27] (Atheros Commnucations)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Julie\AppData\Roaming\Mozilla\Firefox\Profiles\3tzwc4pk.default [2017-11-21]
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\3tzwc4pk.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\3tzwc4pk.default -> hxxps://www.google.com/
FF Extension: (Activity Stream) - C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi [2017-11-20] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-15] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-860533698-1946648191-3752025309-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Julie\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-16] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [330832 2017-10-16] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-02-06] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2016-01-25] ()
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-03] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-21] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [327296 2012-12-27] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-11-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-11-21] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-11-21] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-11-21] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-11-21] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-11-21] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-01] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-11-21] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [570152 2017-11-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-11-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-11-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-11-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-11-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-11-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-11-21] (AVAST Software)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
U1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2017-11-15] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-20] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-20] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-20] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-21] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_desktop_ref4wu.inf_amd64_0109a19b5125cb43\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
U3 idsvc; no ImagePath
S3 vpnva; \SystemRoot\System32\drivers\vpnva64-6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-21 12:19 - 2017-11-21 12:19 - 000002472 _____ C:\Users\Public\Desktop\Play Mystery Case Files - The Revenants Hunt Collectors Edition.lnk
2017-11-21 12:19 - 2017-11-21 12:19 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - The Revenants Hunt Collectors Edition
2017-11-21 12:19 - 2017-11-21 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mystery Case Files - The Revenants Hunt Collectors Edition
2017-11-21 12:19 - 2017-11-21 12:19 - 000000000 ____D C:\Program Files (x86)\Mystery Case Files - The Revenants Hunt Collectors Edition
2017-11-21 09:21 - 2017-11-21 09:21 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys.151127409164002
2017-11-21 09:21 - 2017-11-21 09:20 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2017-11-21 09:20 - 2017-11-21 09:20 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-11-20 12:18 - 2017-11-20 12:18 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-20 12:12 - 2017-11-20 12:25 - 000000000 ____D C:\AdwCleaner
2017-11-20 12:11 - 2017-11-20 12:12 - 008261584 _____ (Malwarebytes) C:\Users\Julie\Downloads\AdwCleaner.exe
2017-11-20 11:41 - 2017-11-21 12:22 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-20 11:41 - 2017-11-20 12:17 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-20 11:41 - 2017-11-20 12:17 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-20 11:41 - 2017-11-20 12:17 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-20 11:41 - 2017-11-20 11:41 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-20 11:41 - 2017-11-20 11:41 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-20 11:41 - 2017-11-20 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-20 11:41 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-20 11:36 - 2017-11-20 11:39 - 078346672 _____ (Malwarebytes ) C:\Users\Julie\Downloads\mb3-setup-consumer-3.3.1.2183.exe
2017-11-20 10:48 - 2017-11-20 11:42 - 000000000 ____D C:\ProgramData\RogueKiller
2017-11-20 10:48 - 2017-11-20 10:48 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-11-20 10:48 - 2017-11-20 10:48 - 000000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-11-20 10:48 - 2017-11-20 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-11-20 10:48 - 2017-11-20 10:48 - 000000000 ____D C:\Program Files\RogueKiller
2017-11-20 10:44 - 2017-11-20 10:46 - 036141704 _____ (Adlice Software ) C:\Users\Julie\Downloads\RogueKiller_setup_ref3.exe
2017-11-19 13:24 - 2017-11-19 13:24 - 000002201 _____ C:\Users\Public\Desktop\Play The Timebuilders - Pyramid Rising.lnk
2017-11-19 13:24 - 2017-11-19 13:24 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Timebuilders - Pyramid Rising
2017-11-19 13:24 - 2017-11-19 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Timebuilders - Pyramid Rising
2017-11-19 13:24 - 2017-11-19 13:24 - 000000000 ____D C:\Program Files (x86)\The Timebuilders - Pyramid Rising
2017-11-19 13:23 - 2017-11-19 13:23 - 000000000 ____D C:\Users\Julie\AppData\Roaming\WendigoStudios
2017-11-19 13:21 - 2017-11-21 12:19 - 000001306 _____ C:\Users\Public\Desktop\More Great Games.lnk
2017-11-19 13:21 - 2017-11-19 13:21 - 000002243 _____ C:\Users\Public\Desktop\Play The Timebuilders - Caveman's Prophecy.lnk
2017-11-19 13:21 - 2017-11-19 13:21 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Timebuilders - Caveman's Prophecy
2017-11-19 13:21 - 2017-11-19 13:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Timebuilders - Caveman's Prophecy
2017-11-19 13:21 - 2017-11-19 13:21 - 000000000 ____D C:\Program Files (x86)\The Timebuilders - Caveman's Prophecy
2017-11-19 13:04 - 2017-11-19 13:04 - 000237568 _____ (Big Fish Games) C:\Users\Julie\Downloads\bigfishgames_p114428393_s1_l1.exe
2017-11-19 13:04 - 2017-11-19 13:04 - 000237568 _____ (Big Fish Games) C:\Users\Julie\Downloads\bigfishgames_p114160218_s1_l1.exe
2017-11-18 00:25 - 2017-11-18 02:23 - 000000000 ____D C:\ProgramData\FarmFrenzy3_Arctica
2017-11-17 22:20 - 2017-11-17 22:20 - 000000000 ____D C:\Users\Julie\AppData\Local\NVIDIA
2017-11-17 17:45 - 2017-11-17 17:45 - 000002491 _____ C:\Users\Public\Desktop\Play Redemption Cemetery - One Foot in the Grave Collector's Edition.lnk
2017-11-17 17:43 - 2017-11-17 17:45 - 000000000 ____D C:\Program Files (x86)\Redemption Cemetery - One Foot in the Grave Collector's Edition
2017-11-17 17:43 - 2017-11-17 17:43 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Redemption Cemetery - One Foot in the Grave Collector's Edition
2017-11-17 17:43 - 2017-11-17 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Redemption Cemetery - One Foot in the Grave Collector's Edition
2017-11-17 16:15 - 2017-11-17 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-17 16:14 - 2017-11-17 16:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-11-17 16:14 - 2017-11-09 05:39 - 000540784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-11-17 16:14 - 2017-11-09 05:39 - 000446392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-11-17 16:14 - 2017-10-27 11:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-11-17 16:14 - 2017-09-13 18:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-11-17 16:14 - 2017-09-13 18:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-11-17 16:14 - 2017-09-13 18:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-11-17 16:14 - 2017-09-13 18:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-11-17 00:55 - 2017-11-17 00:55 - 000000000 ____D C:\Users\Julie\AppData\Roaming\AMAX Interactive
2017-11-16 11:46 - 2017-11-16 11:46 - 000662083 _____ C:\Users\Julie\Desktop\7 apps that are quietly killing your data plan - CNET.html
2017-11-16 11:46 - 2017-11-16 11:46 - 000000000 ____D C:\Users\Julie\Desktop\7 apps that are quietly killing your data plan - CNET_files
2017-11-16 09:57 - 2017-11-21 13:32 - 000000000 ____D C:\FRST
2017-11-16 09:56 - 2017-11-20 12:07 - 000000000 ____D C:\Users\Julie\Desktop\Techspot
2017-11-16 00:02 - 2017-11-16 00:02 - 000001212 _____ C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music.lnk
2017-11-15 20:20 - 2017-11-15 20:20 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book Two
2017-11-15 20:20 - 2017-11-15 20:20 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book One
2017-11-15 20:20 - 2017-11-15 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book Two
2017-11-15 20:20 - 2017-11-15 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book One
2017-11-15 20:20 - 2017-11-15 20:20 - 000000000 ____D C:\Program Files (x86)\Adelantado Trilogy - Book Two
2017-11-15 20:20 - 2017-11-15 20:20 - 000000000 ____D C:\Program Files (x86)\Adelantado Trilogy - Book One
2017-11-15 20:19 - 2017-11-15 20:19 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book Three
2017-11-15 20:19 - 2017-11-15 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adelantado Trilogy - Book Three
2017-11-15 20:19 - 2017-11-15 20:19 - 000000000 ____D C:\Program Files (x86)\Adelantado Trilogy - Book Three
2017-11-15 16:18 - 2017-11-15 16:18 - 000000000 ____D C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vampire Legends - The Untold Story of Elizabeth Bathory
2017-11-15 16:18 - 2017-11-15 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire Legends - The Untold Story of Elizabeth Bathory
2017-11-15 16:07 - 2017-11-02 00:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 16:07 - 2017-11-02 00:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 16:07 - 2017-11-02 00:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-15 16:07 - 2017-11-01 23:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 16:07 - 2017-11-01 23:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-15 16:07 - 2017-11-01 23:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 16:07 - 2017-11-01 23:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 16:07 - 2017-11-01 23:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 16:07 - 2017-11-01 23:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 16:07 - 2017-11-01 23:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 16:07 - 2017-11-01 23:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 16:07 - 2017-11-01 23:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 16:07 - 2017-11-01 23:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 16:07 - 2017-11-01 23:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 16:07 - 2017-11-01 23:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 16:07 - 2017-11-01 23:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 16:07 - 2017-11-01 23:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 16:07 - 2017-11-01 23:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 16:07 - 2017-11-01 23:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 16:07 - 2017-11-01 23:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 16:07 - 2017-11-01 23:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 16:07 - 2017-11-01 23:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 16:07 - 2017-11-01 23:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 16:07 - 2017-11-01 23:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 16:07 - 2017-11-01 23:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 16:07 - 2017-11-01 23:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 16:07 - 2017-11-01 23:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 16:07 - 2017-11-01 23:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 16:07 - 2017-11-01 23:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 16:07 - 2017-11-01 23:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 16:07 - 2017-11-01 23:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 16:07 - 2017-11-01 23:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 16:07 - 2017-11-01 23:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 16:07 - 2017-11-01 23:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 16:07 - 2017-11-01 23:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 16:07 - 2017-11-01 23:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 16:07 - 2017-11-01 23:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-15 16:07 - 2017-11-01 23:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 16:07 - 2017-11-01 23:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 16:07 - 2017-11-01 23:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 16:07 - 2017-10-25 02:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 16:07 - 2017-10-15 10:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 16:07 - 2017-10-15 10:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 16:07 - 2017-10-15 10:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 16:07 - 2017-10-15 09:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 16:07 - 2017-10-15 09:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 16:07 - 2017-10-15 09:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-15 16:07 - 2017-10-15 09:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-15 16:07 - 2017-10-15 09:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 16:07 - 2017-10-15 09:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 16:07 - 2017-10-15 09:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 16:07 - 2017-10-15 09:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-15 16:07 - 2017-10-15 09:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-15 16:07 - 2017-10-15 09:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 16:06 - 2017-11-02 00:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 16:06 - 2017-11-01 23:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 16:06 - 2017-11-01 23:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 16:06 - 2017-11-01 23:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 16:06 - 2017-11-01 23:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 16:06 - 2017-11-01 23:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 16:06 - 2017-11-01 23:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 16:06 - 2017-11-01 23:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 16:06 - 2017-11-01 23:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 16:06 - 2017-11-01 23:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 16:05 - 2017-11-02 00:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 16:05 - 2017-11-02 00:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 16:05 - 2017-11-02 00:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 16:05 - 2017-11-01 23:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 16:05 - 2017-11-01 23:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 16:05 - 2017-11-01 23:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 16:05 - 2017-11-01 23:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 16:05 - 2017-11-01 23:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 16:05 - 2017-11-01 23:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 16:05 - 2017-11-01 23:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 16:05 - 2017-11-01 23:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 16:05 - 2017-11-01 23:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 16:05 - 2017-11-01 23:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 16:05 - 2017-11-01 23:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 16:05 - 2017-11-01 23:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 16:05 - 2017-11-01 23:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 16:05 - 2017-11-01 23:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 16:05 - 2017-11-01 23:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 16:05 - 2017-11-01 23:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 16:05 - 2017-11-01 23:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 16:05 - 2017-10-15 09:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 16:05 - 2017-10-15 09:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 16:05 - 2017-10-15 09:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 16:05 - 2017-10-15 09:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 16:04 - 2017-11-02 00:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 16:04 - 2017-11-02 00:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 16:04 - 2017-11-02 00:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 16:04 - 2017-11-02 00:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 16:04 - 2017-11-02 00:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 16:04 - 2017-11-02 00:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 16:04 - 2017-11-02 00:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 16:04 - 2017-11-02 00:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 16:04 - 2017-11-02 00:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 16:04 - 2017-11-02 00:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 16:04 - 2017-11-01 23:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-15 16:04 - 2017-11-01 23:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 16:04 - 2017-11-01 23:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 16:04 - 2017-11-01 23:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 16:04 - 2017-11-01 23:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 16:04 - 2017-11-01 23:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 16:04 - 2017-11-01 23:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 16:04 - 2017-11-01 23:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 16:04 - 2017-11-01 23:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 16:04 - 2017-11-01 23:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-15 16:04 - 2017-11-01 23:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 16:04 - 2017-11-01 23:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 16:04 - 2017-11-01 23:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 16:04 - 2017-10-15 09:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 16:04 - 2017-10-15 09:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 16:04 - 2017-10-15 09:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 16:04 - 2017-10-15 09:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-15 16:04 - 2017-10-15 09:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 16:03 - 2017-11-02 00:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-15 16:03 - 2017-11-02 00:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-15 16:03 - 2017-11-02 00:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 16:03 - 2017-11-02 00:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-15 16:03 - 2017-11-02 00:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-15 16:03 - 2017-11-02 00:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-15 16:03 - 2017-11-02 00:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-15 16:03 - 2017-11-02 00:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-15 16:03 - 2017-11-02 00:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-15 16:03 - 2017-11-02 00:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 16:03 - 2017-11-02 00:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-15 16:03 - 2017-11-02 00:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 16:03 - 2017-11-02 00:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe