Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by jsmor_000 (administrator) on HOME-PC (23-01-2019 08:30:03)
Running from C:\Users\jsmor_000\Desktop
Loaded Profiles: Home & jsmor_000 (Available Profiles: Home & jsmor_000)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
() C:\Program Files\pcmax\pcmax.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6160928 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [HP Quick Launch] => C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-12] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-02-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1.4\MySqlNotifier.exe [762368 2013-07-05] (Oracle Corporation)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Steam] => "C:\Program Files (x86)\PIE\Steam\steam.exe" -silent
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Run: [Dropbox Update] => C:\Users\Home\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3873563209-1122956-651633644-1001\...\MountPoints2: {d4113098-27de-11e4-beae-c80aa98b123f} - "G:\VZW_Software_upgrade_assistant.exe"
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\WINDOWS\SysWOW64\l3codecp.acm [183808 2013-08-21] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => ff_vfw.dll
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\Custom64\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2017-11-01] (Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2019-01-23]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-16]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2014-06-06]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-06-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\jsmor_000\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{204A0868-B3D7-4DE8-89AF-F9A9003EEA91}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4A227A8D-58DE-4BC7-921D-CAC25201CFE1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB6F3422-4053-469D-A1A2-576CF81A42F2}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C96D715B-E051-44D5-9E78-456F2542A360}: [DhcpNameServer] 8.8.8.8 4.2.2.1
Tcpip\..\Interfaces\{D0CFED1C-7C39-402C-959F-C4557795326C}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
HKU\S-1-5-21-3873563209-1122956-651633644-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3873563209-1122956-651633644-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope {2CBA769A-317D-4FC5-A2EF-D226DD33326B} URL =
SearchScopes: HKLM-x32 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL = hxxp://
www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {9ABD6215-6543-4B66-91F8-5873CF7708C4} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> DefaultScope {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> {A32532F0-AECA-4184-8BF1-6832FB4A6594} URL = hxxp://
www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-3873563209-1122956-651633644-1007 -> {8DB226C8-BEAA-4008-931E-EC2450067D48} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-03-05] (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-06-30] (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll => No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Updater For XFIN_PORTAL -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} -> C:\Program Files (x86)\xfin_portal\auxi\comcastAu.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2019-01-16] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-06-30] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-3873563209-1122956-651633644-1001 -> No Name - {25E2E5C9-C43C-4EE8-B23E-4383915F2BCE} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc.)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-21] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-16] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2013-10-01] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2019-01-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2019-01-16] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @nsroblox.roblox.com/launcher -> C:\Users\Home\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @nsroblox.roblox.com/launcher64 -> C:\Users\Home\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy64.dll [2012-12-31] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3873563209-1122956-651633644-1007: @nsroblox.roblox.com/launcher -> C:\Users\jsmor_000\AppData\Local\Roblox\Versions\version-e1544481252d4990\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default [2019-01-23]
CHR Extension: (Docs) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-17]
CHR Extension: (Google Drive) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-17]
CHR Extension: (YouTube) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-17]
CHR Extension: (Google Search) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-17]
CHR Extension: (Google Docs Offline) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-16]
CHR Extension: (Avast Online Security) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-01-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-17]
CHR Extension: (Gmail) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\jsmor_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-16] (AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [9874528 2019-01-17] (AVAST Software)
S3 fussvc; C:\Program Files\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S4 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
S4 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] () [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [22744 2014-10-15] (Microsoft Corporation)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-02-22] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S4 MsDepSvc; C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe [88720 2014-05-05] (Microsoft Corporation)
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-16] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-16] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-16] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-16] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-16] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-16] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-16] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-16] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-16] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-19] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-16] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-16] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-16] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-16] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-16] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-17] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-17] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-23] (Malwarebytes)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.)
R3 SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
U3 idsvc; no ImagePath
S1 MpKslaf8b41fa; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B315FCA1-C16F-465E-A068-27E427C3E3D7}\MpKslaf8b41fa.sys [X]
S1 qxdmsyrs; \??\C:\WINDOWS\system32\drivers\qxdmsyrs.sys [X]
S3 X6va019; \??\C:\WINDOWS\SysWOW64\Drivers\X6va019 [X]
S3 X6va022; \??\C:\WINDOWS\SysWOW64\Drivers\X6va022 [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-23 08:30 - 2019-01-23 08:31 - 000028929 _____ C:\Users\jsmor_000\Desktop\FRST.txt
2019-01-23 08:29 - 2019-01-23 08:30 - 000000000 ____D C:\FRST
2019-01-23 08:29 - 2019-01-23 08:29 - 000000000 ____D C:\Users\jsmor_000\Desktop\FRST-OlderVersion
2019-01-23 08:28 - 2019-01-23 08:29 - 002428416 _____ (Farbar) C:\Users\jsmor_000\Desktop\FRST64.exe
2019-01-17 18:07 - 2019-01-23 05:59 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-17 18:07 - 2019-01-17 18:07 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-17 18:07 - 2019-01-17 18:07 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-17 18:07 - 2019-01-17 18:07 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-17 13:47 - 2019-01-02 14:05 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-17 13:47 - 2019-01-02 14:05 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-17 12:44 - 2018-03-26 18:24 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2019-01-17 12:44 - 2018-03-26 18:17 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2019-01-17 12:43 - 2018-03-26 18:24 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2019-01-17 12:43 - 2018-03-26 18:17 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2019-01-17 10:49 - 2018-11-28 03:34 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2019-01-17 10:49 - 2018-11-28 03:17 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2019-01-17 10:49 - 2018-10-12 14:51 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-17 10:49 - 2018-06-24 10:04 - 000504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-01-17 10:49 - 2017-12-10 08:46 - 007079424 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2019-01-17 10:49 - 2017-12-10 08:24 - 005275136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2019-01-17 10:49 - 2017-12-10 08:06 - 007797760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-01-17 10:49 - 2017-12-10 07:59 - 005270528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-01-17 10:49 - 2017-02-04 12:19 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2019-01-17 10:49 - 2014-10-28 19:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2019-01-17 10:48 - 2018-12-27 18:38 - 002902016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 10:48 - 2018-12-27 18:25 - 020279808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 10:48 - 2018-12-27 18:02 - 002295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-17 10:48 - 2018-12-27 17:48 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-01-17 10:48 - 2018-12-27 17:48 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-01-17 10:48 - 2018-12-27 17:48 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-17 10:48 - 2018-12-27 17:45 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-01-17 10:48 - 2018-12-27 17:33 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 013680640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-01-17 10:48 - 2018-12-27 17:29 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-01-17 10:48 - 2018-12-27 17:29 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-01-17 10:48 - 2018-12-27 17:22 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-17 10:48 - 2018-12-27 17:07 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-17 10:48 - 2018-12-08 15:22 - 002014152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 10:48 - 2018-12-08 00:56 - 001901896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 10:48 - 2018-11-28 03:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-17 10:48 - 2018-11-28 03:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-17 10:48 - 2018-11-10 14:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-01-17 10:48 - 2018-11-10 11:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-01-17 10:48 - 2018-09-23 11:20 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-17 10:48 - 2018-09-23 10:51 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-17 10:48 - 2018-05-22 23:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2019-01-17 10:48 - 2018-04-07 10:15 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-17 10:48 - 2018-03-09 13:57 - 000276816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-01-17 10:48 - 2018-01-02 00:58 - 001502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-17 10:48 - 2017-11-08 10:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2019-01-17 10:48 - 2017-08-06 16:20 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-01-17 10:48 - 2017-08-06 02:13 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-01-17 10:48 - 2017-05-12 11:13 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-17 10:48 - 2017-05-11 21:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-17 10:48 - 2017-04-06 11:35 - 001362432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-01-17 10:48 - 2016-11-10 21:33 - 001541240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-17 10:48 - 2016-11-09 12:25 - 001376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-17 10:48 - 2014-10-28 22:51 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-01-17 10:47 - 2018-12-27 19:01 - 025738240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 10:47 - 2018-12-27 18:31 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-17 10:47 - 2018-12-27 17:48 - 015284224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 10:47 - 2018-12-27 17:41 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 10:47 - 2018-12-27 17:33 - 004860416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-17 10:47 - 2018-12-27 17:24 - 000780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 10:47 - 2018-12-27 17:11 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-17 10:47 - 2018-12-08 15:22 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 10:47 - 2018-12-08 03:13 - 002534664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 10:47 - 2018-11-28 04:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-01-17 10:47 - 2018-11-03 10:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-17 10:47 - 2018-11-03 10:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-17 10:47 - 2018-10-06 13:14 - 001547192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-17 10:47 - 2018-10-06 13:14 - 000388536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-17 10:47 - 2018-09-23 11:24 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-17 10:47 - 2018-09-23 11:23 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-17 10:47 - 2018-09-23 11:00 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-17 10:47 - 2018-09-23 10:53 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-01-17 10:47 - 2018-09-11 10:30 - 003718144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-17 10:47 - 2018-09-08 13:22 - 001737696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-17 10:47 - 2018-08-28 00:39 - 001491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-01-17 10:47 - 2018-08-27 22:46 - 001764408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-01-17 10:47 - 2018-06-30 13:00 - 001113952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-17 10:47 - 2018-06-14 23:34 - 000923512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-01-17 10:47 - 2018-06-08 13:47 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-01-17 10:47 - 2018-06-08 12:54 - 000656384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-01-17 10:47 - 2018-06-08 12:53 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-01-17 10:47 - 2018-06-08 11:44 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-01-17 10:47 - 2018-04-07 10:34 - 002255360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-17 10:47 - 2018-03-10 11:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2019-01-17 10:47 - 2018-03-10 11:18 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2019-01-17 10:47 - 2018-03-09 16:20 - 000418640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-17 10:47 - 2018-01-10 09:48 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-01-17 10:47 - 2018-01-02 01:35 - 000989528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-01-17 10:47 - 2018-01-02 00:38 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2019-01-17 10:47 - 2017-07-07 22:16 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-01-17 10:47 - 2017-05-11 21:58 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-17 10:47 - 2017-01-11 12:28 - 000422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-17 10:47 - 2014-10-28 20:20 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2019-01-17 10:46 - 2018-12-08 01:25 - 002173040 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 10:46 - 2018-12-08 00:32 - 001563376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 10:46 - 2018-12-08 00:06 - 006286336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmwp.exe
2019-01-17 10:46 - 2018-12-07 22:49 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 10:46 - 2018-10-15 22:39 - 001662504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-17 10:46 - 2018-10-15 22:02 - 001214920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-17 10:46 - 2018-10-12 15:35 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-17 10:46 - 2018-10-05 12:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-01-17 10:46 - 2018-10-05 11:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-01-17 10:46 - 2018-09-23 11:47 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-17 10:46 - 2018-09-23 11:45 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-17 10:46 - 2018-09-23 11:37 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-17 10:46 - 2018-09-23 11:23 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-17 10:46 - 2018-09-23 11:17 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-17 10:46 - 2018-09-23 10:58 - 000904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-17 10:46 - 2018-09-23 10:56 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-17 10:46 - 2018-09-23 10:50 - 000709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-17 10:46 - 2018-09-12 13:30 - 000137008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-01-17 10:46 - 2018-09-05 10:33 - 013840896 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmms.exe
2019-01-17 10:46 - 2018-09-01 11:43 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-01-17 10:46 - 2018-08-29 23:21 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2019-01-17 10:46 - 2018-08-29 08:51 - 002451800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-17 10:46 - 2018-08-21 08:39 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-01-17 10:46 - 2018-07-29 08:44 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-17 10:46 - 2018-07-24 08:45 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-01-17 10:46 - 2018-06-24 10:11 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-01-17 10:46 - 2018-06-14 20:26 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-01-17 10:46 - 2018-06-14 20:22 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2019-01-17 10:46 - 2018-06-14 20:19 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-01-17 10:46 - 2018-06-11 11:36 - 003119616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-01-17 10:46 - 2018-06-09 11:26 - 002712064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-01-17 10:46 - 2018-06-08 13:26 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-01-17 10:46 - 2018-06-08 12:07 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-01-17 10:46 - 2018-05-24 16:29 - 000428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-01-17 10:46 - 2018-04-25 12:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-01-17 10:46 - 2018-04-22 03:06 - 000612600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-01-17 10:46 - 2018-04-07 11:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2019-01-17 10:46 - 2018-04-07 11:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2019-01-17 10:46 - 2018-04-06 16:27 - 000376656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-01-17 10:46 - 2018-03-28 20:06 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-01-17 10:46 - 2018-03-28 20:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll