Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07.01.2019 Ran by SYSTEM on MININT-65A3E0I (08-01-2019 13:47:39) Running from F:\ Platform: Windows 10 Pro Version 1803 17134.471 (X64) Language: English (United States) Internet Explorer Version 11 Boot Mode: Recovery Default: ControlSet001 [b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b] Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation) HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [258400 2017-09-29] (Lenovo(beijing) Limited) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-17] (Realtek Semiconductor) HKLM\...\Run: [DisplayLinkUI] => "C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe" -basicMode HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated) HKLM\...\Run: [AvastUI.exe] => "d:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKLM\...\Run: [Sophos UI.exe] => C:\Program Files\Sophos\Sophos UI\Sophos UI.exe [2915072 2018-09-04] (Sophos Limited) HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [988976 2017-09-19] (Dolby Laboratories, Inc.) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-06-18] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5524336 2013-06-19] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4049216 2018-12-12] (Dropbox, Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2018-09-12] (Adobe Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => "D:\Program Files (x86)\Acrobat DC\Acrobat\Acrotray.exe" HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [3956368 2018-12-12] (Webroot) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [620088 2017-07-03] () HKLM-x32\...\Run: [AvastUI.exe] => "d:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:windowsupdate HKU\Default\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\Default User\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\labtech\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation) HKU\labtech\...\Policies\Explorer: [NoWindowsUpdate] 1 HKU\WillPLocal\...\Policies\Explorer: [HideSCANetwork] 0 HKU\WillPLocal\...\Policies\Explorer: [NoWindowsUpdate] 1 HKU\willp_1nk\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd) HKU\willp_1nk\...\Policies\Explorer: [NoWindowsUpdate] 1 AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~3\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [235928 2018-10-17] (Sophos Limited) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~3\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [207864 2018-10-17] (Sophos Limited) AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~3\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [207864 2018-10-17] (Sophos Limited) GroupPolicy\User: Restriction ? <==== ATTENTION ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-12] (Adobe Inc.) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated) S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522536 2018-12-10] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-07-25] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-07-25] (Dropbox, Inc.) S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-12-12] (Dropbox, Inc.) S2 Dolby DAX API Service; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [212784 2017-09-19] () S2 ETDService; C:\Program Files\Elantech\ETDService.exe [134880 2017-08-21] (ELAN Microelectronics Corp.) S2 ForensiTAppxService; C:\Program Files (x86)\ForensiT\AppX Management Service\ForensiTAppxService.exe [36352 2018-08-01] () S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [458592 2017-09-29] (Lenovo(beijing) Limited) S2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4784704 2018-09-04] (SurfRight B.V.) S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel Corporation) S2 ibtsiva; C:\Windows\system32\ibtsiva.exe [535592 2018-02-10] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation) S2 LTService; C:\WINDOWS\LTSvc\LTSVC.exe [2386872 2018-03-12] (LabTech Software) S2 LTSvcMon; C:\WINDOWS\LTSvc\LTSvcMon.exe [277432 2018-03-12] (LabTech Software) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2015-10-30] (HP Inc.) S2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation) S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [96104 2017-07-03] (The OpenVPN Project) S2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [96104 2017-07-03] (The OpenVPN Project) S2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [1016672 2017-09-29] (Lenovo(beijing) Limited) S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2015-10-30] (HP Inc.) S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor) S2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [251984 2018-10-17] (Sophos Limited) S2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [225000 2018-10-17] (Sophos Limited) S2 ScreenConnect Client (fed23689d5ebe2bf); C:\Program Files (x86)\ScreenConnect Client (fed23689d5ebe2bf)\ScreenConnect.ClientService.exe [90768 2017-04-13] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-26] (Microsoft Corporation) S2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\SntpService.exe [2425568 2018-08-17] (Sophos Limited) S2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [775696 2018-06-08] (Sophos Limited) S2 Sophos Clean Service; C:\Program Files (x86)\Sophos\Clean\Clean.exe [1185544 2018-09-04] (Sophos Limited) S3 Sophos Device Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sdcservice.exe [549224 2018-10-17] (Sophos Limited) S2 Sophos Device Encryption Service; C:\Program Files (x86)\Sophos\Sophos Data Protection\Sophos.Encryption.BitLockerService.exe [34520 2018-07-16] (Sophos Limited) S2 Sophos Endpoint Defense Service; C:\Program Files\Sophos\Endpoint Defense\SEDService.exe [1683752 2018-10-16] (Sophos Limited) S2 Sophos File Scanner Service; C:\Program Files\Sophos\Sophos File Scanner\SophosFS.exe [1767448 2018-09-07] (Sophos Limited) S2 Sophos Health Service; C:\Program Files (x86)\Sophos\Health\Health.exe [1813552 2018-08-16] (Sophos Limited) S2 Sophos MCS Agent; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe [1357024 2018-08-28] (Sophos Limited) S2 Sophos MCS Client; C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe [1902488 2018-08-28] (Sophos Limited) S2 Sophos Safestore Service; C:\Program Files\Sophos\Safestore\Safestore64.exe [761184 2018-09-04] (Sophos Limited) S2 Sophos System Protection Service; C:\Program Files\Sophos\Endpoint Defense\SSPService.exe [13003712 2018-10-16] (Sophos Limited) S2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [360040 2018-10-17] (Sophos Limited) S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () S2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475384 2018-10-17] (Sophos Limited) S2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3623528 2018-10-17] (Sophos Limited) S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2250472 2017-06-20] (Intel Corporation) S2 tvnserver; C:\WINDOWS\LTSvc\labvnc.exe [1640736 2018-08-03] (LabTech) S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-06-19] (Western Digital Technologies, Inc.) S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-06-18] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation) S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation) S2 WRSVC; C:\Program Files\Webroot\WRSA.exe [3956368 2018-12-12] (Webroot) S3 aswbIDSAgent; "d:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X] S2 avast! Antivirus; "d:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X] S3 AvastWscReporter; "d:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc [X] S2 ImControllerService; "%SystemDrive%\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" [X] S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r S2 TeamViewer; "d:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-07] () S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-07] () S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-07] () S3 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-07] () S3 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-07] () S3 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-07] () S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-07] (AVAST Software) S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-07] () S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-07] () S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-07] () S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166472 2019-01-07] () S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-07] () S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-07] () S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-07] () S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-07] () S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-07] () S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-07] () S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 dlcdcncm; C:\Windows\System32\drivers\dlcdcncm62_x64.sys [92400 2017-05-29] (DisplayLink Corp.) S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [238320 2017-05-29] (DisplayLink Corp.) S3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32336 2017-08-21] (ELAN Microelectronic Corp.) S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [55256 2017-09-29] (Lenovo(beijing) Limited) S1 googledrivefs2544; C:\Windows\System32\DRIVERS\googledrivefs2544.sys [120784 2018-10-19] (Google, Inc.) S1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [304112 2018-12-21] (SurfRight B.V.) S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel Corporation) S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [69632 2017-11-27] (Intel Corporation) S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2018-02-10] (Intel Corporation) S3 ITEHIDfilter; C:\Windows\System32\drivers\ITEHIDfilter.sys [28104 2017-10-30] (ITE Tech. Inc. ) S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [42848 2017-10-30] (hxxp://libusb-win32.sourceforge.net) S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-01-04] (Malwarebytes) S3 mt7612US_bc; C:\Windows\System32\drivers\mt7612US_bc.sys [400880 2017-05-30] (MediaTek Inc.) S3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8752120 2018-05-02] (Intel Corporation) S3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_1f73e70a98343fe5\nvlddmkm.sys [20365000 2018-11-05] (NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation) S3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [74576 2018-11-02] (NVIDIA Corporation) S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek ) S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3236808 2018-02-06] (Realtek Semiconductor Corp.) S1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [204328 2018-10-17] (Sophos Limited) S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2018-10-17] (Sophos Limited) S1 sntp; C:\Windows\system32\DRIVERS\sntp.sys [142912 2018-08-17] (Sophos Limited) S0 Sophos ELAM; C:\Windows\System32\DRIVERS\SophosEL.sys [19960 2018-10-16] (Sophos Limited) S0 Sophos Endpoint Defense; C:\Windows\System32\DRIVERS\SophosED.sys [912360 2018-10-16] (Sophos Limited) S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [45840 2018-10-17] (Sophos Limited) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [47760 2018-10-17] (Sophos Limited) S5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-24] (Seiko Epson Corporation) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation) S0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation) S0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [128216 2018-08-20] (Webroot) S3 wrUrlFlt; C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys [68896 2018-08-03] (Webroot) S3 aswbdisk; no ImagePath S4 warpview; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-08 13:45 - 2019-01-08 13:45 - 000000000 ____D C:\FRST 2019-01-07 09:19 - 2019-01-07 09:19 - 000000000 ___HD C:\$SysReset 2019-01-07 05:51 - 2019-01-07 05:50 - 000361352 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe 2019-01-07 05:51 - 2019-01-07 05:49 - 000320888 _____ C:\Windows\System32\Drivers\aswblog.sys 2019-01-07 05:51 - 2019-01-07 05:49 - 000220688 _____ C:\Windows\System32\Drivers\aswbidsdriver.sys 2019-01-07 05:51 - 2019-01-07 05:49 - 000196264 _____ C:\Windows\System32\Drivers\aswbidsh.sys 2019-01-07 05:51 - 2019-01-07 05:49 - 000058160 _____ C:\Windows\System32\Drivers\aswbuniv.sys 2019-01-07 05:51 - 2019-01-07 05:49 - 000037304 _____ C:\Windows\System32\Drivers\aswArDisk.sys 2019-01-04 10:25 - 2019-01-04 10:25 - 2265119116 _____ C:\Windows\MEMORY.DMP 2019-01-04 10:25 - 2019-01-04 10:25 - 002054028 _____ C:\Windows\Minidump\010419-12312-01.dmp 2019-01-03 14:51 - 2019-01-03 14:51 - 000000000 ____D C:\Program Files\Dolby 2019-01-03 14:51 - 2019-01-03 14:51 - 000000000 ____D C:\Program Files\Common Files\Dolby 2019-01-03 14:49 - 2019-01-03 14:49 - 000000000 ____D C:\Windows\LastGood.Tmp 2019-01-03 14:49 - 2018-10-17 22:08 - 003677232 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl 2019-01-03 14:49 - 2018-10-17 22:08 - 003159488 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll 2019-01-03 14:49 - 2018-10-17 22:08 - 002930224 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInstII64.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 007178544 _____ (Dolby Laboratories) C:\Windows\System32\R4EEP64A.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 007101608 _____ (Dolby Laboratories) C:\Windows\System32\DDPP64A.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 003319280 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 001159048 _____ (Dolby Laboratories) C:\Windows\System32\DolbyDAX2APOProp.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000453144 _____ (Dolby Laboratories) C:\Windows\System32\R4EED64A.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000378248 _____ (Dolby Laboratories) C:\Windows\System32\HiFiDAX2API.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000343576 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000157208 _____ (Dolby Laboratories) C:\Windows\System32\R4EEL64A.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000139624 _____ (Dolby Laboratories) C:\Windows\System32\R4EEA64A.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000122184 _____ (Real Sound Lab SIA) C:\Windows\System32\CONEQMSAPOGUILibrary.dll 2019-01-03 14:49 - 2018-10-17 22:07 - 000090040 _____ (Dolby Laboratories) C:\Windows\System32\R4EEG64A.dll 2019-01-03 14:49 - 2018-10-17 22:06 - 005347056 _____ (Dolby Laboratories) C:\Windows\System32\DolbyDAX2APOv211.dll 2019-01-03 14:49 - 2018-10-17 22:06 - 001971424 _____ (Dolby Laboratories) C:\Windows\System32\DDPD64A.dll 2019-01-03 14:49 - 2018-10-17 22:06 - 001544312 _____ (Dolby Laboratories) C:\Windows\System32\DAX3APOProp.dll 2019-01-03 14:49 - 2018-10-17 22:06 - 000333072 _____ (Dolby Laboratories) C:\Windows\System32\DDPO64A.dll 2019-01-03 14:49 - 2018-10-17 21:41 - 023174577 _____ C:\Windows\System32\Drivers\RTAIODAT.DAT 2018-12-24 05:19 - 2019-01-07 05:51 - 000000000 ____D C:\Windows\CryptoGuard 2018-12-24 05:19 - 2019-01-04 10:25 - 000261032 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbamswissarmy.sys 2018-12-21 12:36 - 2019-01-04 13:34 - 000000000 ____D C:\ProgramData\HitmanPro.Alert 2018-12-21 12:36 - 2018-12-21 12:36 - 001275560 _____ (SurfRight B.V.) C:\Windows\System32\hmpalert.dll 2018-12-21 12:36 - 2018-12-21 12:36 - 000894176 _____ (SurfRight B.V.) C:\Windows\SysWOW64\hmpalert.dll 2018-12-21 12:36 - 2018-12-21 12:36 - 000304112 _____ (SurfRight B.V.) C:\Windows\System32\Drivers\hmpalert.sys 2018-12-21 12:36 - 2018-12-21 12:36 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2018-12-21 12:36 - 2018-08-17 10:12 - 000142912 _____ (Sophos Limited) C:\Windows\System32\Drivers\sntp.sys 2018-12-21 12:35 - 2018-10-17 07:18 - 000047760 _____ (Sophos Limited) C:\Windows\System32\Drivers\swi_callout.sys 2018-12-21 12:35 - 2018-10-17 07:18 - 000044304 _____ (Sophos Limited) C:\Windows\System32\SophosBootTasks.exe 2018-12-21 12:34 - 2018-12-21 12:36 - 000000000 ____D C:\Program Files\Sophos 2018-12-21 12:34 - 2018-12-21 12:34 - 000000000 ____D C:\Program Files\Common Files\Sophos 2018-12-21 12:34 - 2018-10-17 07:18 - 000204328 _____ (Sophos Limited) C:\Windows\System32\Drivers\savonaccess.sys 2018-12-21 12:34 - 2018-10-17 07:18 - 000176120 _____ (Sophos Limited) C:\Windows\System32\sdccoinstaller.dll 2018-12-21 12:34 - 2018-10-17 07:18 - 000045840 _____ (Sophos Limited) C:\Windows\System32\Drivers\SophosBootDriver.sys 2018-12-21 12:34 - 2018-10-17 07:18 - 000038144 _____ (Sophos Limited) C:\Windows\System32\Drivers\sdcfilter.sys 2018-12-21 12:34 - 2018-10-16 15:16 - 000912360 _____ (Sophos Limited) C:\Windows\System32\Drivers\SophosED.sys 2018-12-21 12:34 - 2018-10-16 15:16 - 000049088 _____ (Sophos Limited) C:\Windows\System32\SophosNA.exe 2018-12-21 12:34 - 2018-10-16 15:16 - 000039713 _____ C:\Windows\System32\Drivers\SophosED.man 2018-12-21 12:34 - 2018-10-16 15:16 - 000019960 _____ (Sophos Limited) C:\Windows\System32\Drivers\SophosEL.sys 2018-12-21 12:31 - 2018-12-24 05:20 - 000000000 ____D C:\ProgramData\Sophos 2018-12-21 12:13 - 2018-12-21 12:37 - 000000000 ____D C:\Program Files (x86)\Sophos 2018-12-21 03:08 - 2018-12-21 03:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2018-12-17 22:10 - 2018-12-08 04:42 - 001634944 _____ (Microsoft Corporation) C:\Windows\System32\gdi32full.dll 2018-12-17 22:10 - 2018-12-08 04:41 - 002394960 _____ (Microsoft Corporation) C:\Windows\System32\WMVCORE.DLL 2018-12-17 22:10 - 2018-12-08 04:40 - 001454648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2018-12-17 22:10 - 2018-12-08 04:28 - 012710400 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2018-12-17 22:10 - 2018-12-08 04:25 - 012500992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2018-12-17 22:10 - 2018-12-08 04:25 - 011902976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2018-12-17 22:10 - 2018-12-08 04:23 - 003649024 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys 2018-12-17 22:10 - 2018-12-08 04:23 - 002892288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2018-12-17 22:10 - 2018-12-08 04:23 - 001856512 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll 2018-12-17 22:10 - 2018-12-08 04:22 - 001586176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2018-12-17 22:10 - 2018-12-08 00:07 - 001221632 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe 2018-12-17 22:10 - 2018-12-08 00:07 - 001030184 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe 2018-12-17 22:10 - 2018-12-08 00:06 - 001017168 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2adec.dll 2018-12-17 22:10 - 2018-12-08 00:06 - 000709936 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys 2018-12-17 22:10 - 2018-12-08 00:06 - 000491416 _____ (Microsoft Corporation) C:\Windows\System32\mf.dll 2018-12-17 22:10 - 2018-12-08 00:05 - 007520096 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll 2018-12-17 22:10 - 2018-12-08 00:05 - 002822656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2018-12-17 22:10 - 2018-12-08 00:05 - 001935008 _____ (Microsoft Corporation) C:\Windows\System32\AudioEng.dll 2018-12-17 22:10 - 2018-12-08 00:05 - 001209888 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll 2018-12-17 22:10 - 2018-12-08 00:05 - 000793592 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms2.sys 2018-12-17 22:10 - 2018-12-08 00:05 - 000706040 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys 2018-12-17 22:10 - 2018-12-08 00:05 - 000594224 _____ (Microsoft Corporation) C:\Windows\System32\audiodg.exe 2018-12-17 22:10 - 2018-12-08 00:05 - 000413920 _____ (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll 2018-12-17 22:10 - 2018-12-08 00:05 - 000171008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys 2018-12-17 22:10 - 2018-12-08 00:04 - 009084216 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2018-12-17 22:10 - 2018-12-08 00:04 - 002590296 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL 2018-12-17 22:10 - 2018-12-08 00:04 - 002371296 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll 2018-12-17 22:10 - 2018-12-08 00:04 - 001150312 _____ (Microsoft Corporation) C:\Windows\System32\MSVP9DEC.dll 2018-12-17 22:10 - 2018-12-08 00:04 - 000885760 _____ (Microsoft Corporation) C:\Windows\System32\CoreMessaging.dll 2018-12-17 22:10 - 2018-12-08 00:04 - 000604984 _____ (Microsoft Corporation) C:\Windows\System32\securekernel.exe 2018-12-17 22:10 - 2018-12-08 00:04 - 000416024 _____ (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll 2018-12-17 22:10 - 2018-12-08 00:04 - 000413176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys 2018-12-17 22:10 - 2018-12-07 23:47 - 000861744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2018-12-17 22:10 - 2018-12-07 23:46 - 002331480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2018-12-17 22:10 - 2018-12-07 23:46 - 001989040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2018-12-17 22:10 - 2018-12-07 23:46 - 001397104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVP9DEC.dll 2018-12-17 22:10 - 2018-12-07 23:46 - 000457056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll 2018-12-17 22:10 - 2018-12-07 23:45 - 006569040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-12-17 22:10 - 2018-12-07 23:45 - 004789952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2018-12-17 22:10 - 2018-12-07 23:45 - 002307240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2018-12-17 22:10 - 2018-12-07 23:45 - 001805656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2018-12-17 22:10 - 2018-12-07 23:45 - 001011872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2018-12-17 22:10 - 2018-12-07 23:45 - 000567256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2018-12-17 22:10 - 2018-12-07 23:37 - 001308160 _____ (Microsoft Corporation) C:\Windows\System32\MSVPXENC.dll 2018-12-17 22:10 - 2018-12-07 23:36 - 007573504 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll 2018-12-17 22:10 - 2018-12-07 23:36 - 001768448 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll 2018-12-17 22:10 - 2018-12-07 23:36 - 000154112 _____ (Microsoft Corporation) C:\Windows\System32\Chakradiag.dll 2018-12-17 22:10 - 2018-12-07 23:35 - 001551360 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.desktop.dll 2018-12-17 22:10 - 2018-12-07 23:35 - 000808448 _____ (Microsoft Corporation) C:\Windows\System32\EdgeManager.dll 2018-12-17 22:10 - 2018-12-07 23:34 - 002173440 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll 2018-12-17 22:10 - 2018-12-07 23:34 - 001535488 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2018-12-17 22:10 - 2018-12-07 23:34 - 000684544 _____ (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll 2018-12-17 22:10 - 2018-12-07 23:33 - 002904064 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2018-12-17 22:10 - 2018-12-07 23:32 - 001032704 _____ (Microsoft Corporation) C:\Windows\System32\modernexecserver.dll 2018-12-17 22:10 - 2018-12-07 23:32 - 000776192 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2018-12-17 22:10 - 2018-12-07 23:32 - 000542208 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2018-12-17 22:10 - 2018-12-07 23:28 - 005775872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2018-12-17 22:10 - 2018-12-07 23:28 - 001295360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll 2018-12-17 22:10 - 2018-12-07 23:25 - 000669696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2018-12-17 22:10 - 2018-12-07 23:24 - 000533504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2018-12-17 22:10 - 2018-11-08 21:59 - 008623616 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll 2018-12-17 22:10 - 2018-11-08 21:56 - 000392192 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2018-12-17 22:10 - 2018-11-08 21:55 - 000878592 _____ (Microsoft Corporation) C:\Windows\System32\CPFilters.dll 2018-12-17 22:10 - 2018-11-08 21:20 - 007987712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2018-12-17 22:10 - 2018-11-08 21:18 - 000344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2018-12-17 22:10 - 2018-11-08 21:17 - 000704000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2018-12-17 22:10 - 2018-11-08 18:49 - 000565048 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS 2018-12-17 22:10 - 2018-11-08 18:48 - 003179760 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2018-12-17 22:10 - 2018-11-08 18:48 - 001613288 _____ (Microsoft Corporation) C:\Windows\System32\D3D12.dll 2018-12-17 22:10 - 2018-11-08 18:47 - 002571128 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2018-12-17 22:10 - 2018-11-08 18:21 - 004866560 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2018-12-17 22:10 - 2018-11-08 18:20 - 006032384 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2018-12-17 22:10 - 2018-11-08 18:19 - 002368512 _____ (Microsoft Corporation) C:\Windows\System32\WebRuntimeManager.dll 2018-12-17 22:10 - 2018-11-08 18:19 - 000726528 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll 2018-12-17 22:10 - 2018-11-08 18:16 - 002224640 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys 2018-12-17 22:10 - 2018-11-08 18:07 - 002417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2018-12-17 22:10 - 2018-11-08 18:07 - 001299704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll 2018-12-17 22:10 - 2018-11-08 17:48 - 000550728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2018-12-17 22:10 - 2018-11-08 17:46 - 002253184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2018-12-17 22:10 - 2018-11-08 17:46 - 001980776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-12-17 22:10 - 2018-11-08 17:31 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2018-12-17 22:10 - 2018-11-08 17:29 - 003711488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2018-12-17 22:10 - 2018-11-08 17:29 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2018-12-17 22:10 - 2018-11-08 17:28 - 005307392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2018-12-17 22:10 - 2018-11-08 17:28 - 002900992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll 2018-12-17 22:10 - 2018-11-08 17:26 - 004514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2018-12-17 22:09 - 2018-12-08 04:48 - 000034104 _____ C:\Windows\System32\SyncAppvPublishingServer.exe 2018-12-17 22:09 - 2018-12-08 04:47 - 001786896 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntVirtualization.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 001627656 _____ (Microsoft Corporation) C:\Windows\System32\AppVIntegration.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 001422864 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntSubsystemController.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 001048712 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Shell.Broker.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 001038352 _____ (Microsoft Corporation) C:\Windows\System32\AppVPolicy.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000954384 _____ (Microsoft Corporation) C:\Windows\System32\AppVManifest.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000830480 _____ (Microsoft Corporation) C:\Windows\System32\AppVOrchestration.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000825352 _____ (Microsoft Corporation) C:\Windows\System32\AppVEntStreamingManager.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000750096 _____ (Microsoft Corporation) C:\Windows\System32\AppVReporting.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000670224 _____ (Microsoft Corporation) C:\Windows\System32\AppVCatalog.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000652296 _____ (Microsoft Corporation) C:\Windows\System32\AppVPublishing.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000645320 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000495632 _____ (Microsoft Corporation) C:\Windows\System32\TransportDSA.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000399880 _____ (Microsoft Corporation) C:\Windows\System32\AppVScripting.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000258064 _____ (Microsoft Corporation) C:\Windows\System32\AppVFileSystemMetadata.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000231440 _____ (Microsoft Corporation) C:\Windows\System32\AppVShNotify.exe 2018-12-17 22:09 - 2018-12-08 04:47 - 000228368 _____ (Microsoft Corporation) C:\Windows\System32\AppVStreamMap.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000201744 _____ (Microsoft Corporation) C:\Windows\System32\AppVStreamingUX.dll 2018-12-17 22:09 - 2018-12-08 04:47 - 000180752 _____ (Microsoft Corporation) C:\Windows\System32\AppVDllSurrogate.exe 2018-12-17 22:09 - 2018-12-08 04:47 - 000173072 _____ (Microsoft Corporation) C:\Windows\System32\AppVNice.exe 2018-12-17 22:09 - 2018-12-08 04:46 - 000549760 _____ (Microsoft Corporation) C:\Windows\System32\AppResolver.dll 2018-12-17 22:09 - 2018-12-08 04:43 - 000304144 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mssecflt.sys 2018-12-17 22:09 - 2018-12-08 04:42 - 004527800 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe 2018-12-17 22:09 - 2018-12-08 04:42 - 001616824 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll 2018-12-17 22:09 - 2018-12-08 04:41 - 000481880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-12-17 22:09 - 2018-12-08 04:39 - 000444416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll 2018-12-17 22:09 - 2018-12-08 04:29 - 013572608 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll 2018-12-17 22:09 - 2018-12-08 04:29 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\iemigplugin.dll 2018-12-17 22:09 - 2018-12-08 04:28 - 006586880 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll 2018-12-17 22:09 - 2018-12-08 04:28 - 004708864 _____ (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll 2018-12-17 22:09 - 2018-12-08 04:27 - 005657600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2018-12-17 22:09 - 2018-12-08 04:27 - 000140800 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Internal.Management.SecureAssessment.dll 2018-12-17 22:09 - 2018-12-08 04:27 - 000082432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storqosflt.sys 2018-12-17 22:09 - 2018-12-08 04:27 - 000068608 _____ (Microsoft Corporation) C:\Windows\System32\fdBth.dll 2018-12-17 22:09 - 2018-12-08 04:27 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdBth.dll 2018-12-17 22:09 - 2018-12-08 04:23 - 001661440 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll 2018-12-17 22:09 - 2018-12-08 04:23 - 001364992 _____ (Microsoft Corporation) C:\Windows\System32\bcastdvruserservice.dll 2018-12-17 22:09 - 2018-12-08 04:23 - 000503296 _____ (Microsoft Corporation) C:\Windows\System32\sppcext.dll 2018-12-17 22:09 - 2018-12-08 04:23 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcSpecfc.dll 2018-12-17 22:09 - 2018-12-08 04:22 - 001469952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2018-12-17 22:09 - 2018-12-08 04:22 - 000577024 _____ (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe 2018-12-17 22:09 - 2018-12-08 00:13 - 001040936 _____ (Microsoft Corporation) C:\Windows\System32\ApplyTrustOffline.exe 2018-12-17 22:09 - 2018-12-08 00:12 - 000272408 _____ (Microsoft Corporation) C:\Windows\System32\SgrmEnclave.dll 2018-12-17 22:09 - 2018-12-08 00:12 - 000269336 _____ (Microsoft Corporation) C:\Windows\System32\SgrmEnclave_secure.dll 2018-12-17 22:09 - 2018-12-08 00:12 - 000092688 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bindflt.sys 2018-12-17 22:09 - 2018-12-08 00:07 - 005625352 _____ (Microsoft Corporation) C:\Windows\System32\StartTileData.dll 2018-12-17 22:09 - 2018-12-08 00:07 - 001328632 _____ (Microsoft Corporation) C:\Windows\System32\wpx.dll 2018-12-17 22:09 - 2018-12-08 00:07 - 001063416 _____ (Microsoft Corporation) C:\Windows\System32\SecConfig.efi 2018-12-17 22:09 - 2018-12-08 00:07 - 000135168 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.dll 2018-12-17 22:09 - 2018-12-08 00:07 - 000076280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hvservice.sys 2018-12-17 22:09 - 2018-12-08 00:06 - 000777512 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll 2018-12-17 22:09 - 2018-12-08 00:06 - 000566784 _____ (Microsoft Corporation) C:\Windows\System32\tcblaunch.exe 2018-12-17 22:09 - 2018-12-08 00:06 - 000433168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2018-12-17 22:09 - 2018-12-08 00:06 - 000249088 _____ (Microsoft Corporation) C:\Windows\System32\weretw.dll 2018-12-17 22:09 - 2018-12-08 00:05 - 007436216 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll 2018-12-17 22:09 - 2018-12-08 00:05 - 002463384 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll 2018-12-17 22:09 - 2018-12-08 00:05 - 001018880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ClipSp.sys 2018-12-17 22:09 - 2018-12-08 00:05 - 000421176 _____ (Microsoft Corporation) C:\Windows\System32\xbgmengine.dll 2018-12-17 22:09 - 2018-12-08 00:05 - 000130312 _____ (Microsoft Corporation) C:\Windows\System32\rmclient.dll 2018-12-17 22:09 - 2018-12-08 00:05 - 000086016 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fileinfo.sys 2018-12-17 22:09 - 2018-12-08 00:04 - 004404720 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 001943328 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 001457032 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi 2018-12-17 22:09 - 2018-12-08 00:04 - 001257672 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe 2018-12-17 22:09 - 2018-12-08 00:04 - 001188512 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 001140480 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi 2018-12-17 22:09 - 2018-12-08 00:04 - 000982912 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe 2018-12-17 22:09 - 2018-12-08 00:04 - 000527160 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 000375608 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys 2018-12-17 22:09 - 2018-12-08 00:04 - 000335672 _____ (Microsoft Corporation) C:\Windows\System32\moshostcore.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 000268280 _____ (Microsoft Corporation) C:\Windows\System32\browserbroker.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 000260800 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 000158624 _____ (Microsoft Corporation) C:\Windows\System32\vertdll.dll 2018-12-17 22:09 - 2018-12-08 00:04 - 000128824 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tm.sys 2018-12-17 22:09 - 2018-12-08 00:04 - 000058168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\iorate.sys 2018-12-17 22:09 - 2018-12-08 00:04 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\browser_broker.exe 2018-12-17 22:09 - 2018-12-07 23:49 - 025855488 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll 2018-12-17 22:09 - 2018-12-07 23:47 - 000785760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-12-17 22:09 - 2018-12-07 23:46 - 000665224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2018-12-17 22:09 - 2018-12-07 23:46 - 000101192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll 2018-12-17 22:09 - 2018-12-07 23:45 - 006043496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2018-12-17 22:09 - 2018-12-07 23:45 - 001620472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-12-17 22:09 - 2018-12-07 23:45 - 001379816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll 2018-12-17 22:09 - 2018-12-07 23:45 - 000356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2018-12-17 22:09 - 2018-12-07 23:45 - 000129296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2018-12-17 22:09 - 2018-12-07 23:42 - 022715392 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2018-12-17 22:09 - 2018-12-07 23:42 - 009084928 _____ (Microsoft Corporation) C:\Windows\System32\BingMaps.dll 2018-12-17 22:09 - 2018-12-07 23:41 - 007057408 _____ (Microsoft Corporation) C:\Windows\System32\mos.dll 2018-12-17 22:09 - 2018-12-07 23:40 - 004710912 _____ (Microsoft Corporation) C:\Windows\System32\cdp.dll 2018-12-17 22:09 - 2018-12-07 23:40 - 004384768 _____ (Microsoft Corporation) C:\Windows\System32\EdgeContent.dll 2018-12-17 22:09 - 2018-12-07 23:39 - 000036352 _____ (Microsoft Corporation) C:\Windows\System32\wpnsruprov.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 022016000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 003392000 _____ (Microsoft Corporation) C:\Windows\System32\tquery.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 002739200 _____ (Microsoft Corporation) C:\Windows\System32\mssrch.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 000419328 _____ (Microsoft Corporation) C:\Windows\System32\eeprov.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 000310272 _____ (Microsoft Corporation) C:\Windows\System32\wc_storage.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 000132608 _____ (Microsoft Corporation) C:\Windows\System32\DataUsageLiveTileTask.exe 2018-12-17 22:09 - 2018-12-07 23:38 - 000085504 _____ (Microsoft Corporation) C:\Windows\System32\LocationFrameworkInternalPS.dll 2018-12-17 22:09 - 2018-12-07 23:38 - 000083456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wcnfs.sys 2018-12-17 22:09 - 2018-12-07 23:38 - 000055296 _____ (Microsoft Corporation) C:\Windows\System32\msscntrs.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 002825728 _____ (Microsoft Corporation) C:\Windows\System32\MapGeocoder.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000395776 _____ (Microsoft Corporation) C:\Windows\System32\Search.ProtocolHandler.MAPI2.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000386048 _____ (Microsoft Corporation) C:\Windows\System32\Windows.System.Diagnostics.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000358912 _____ (Microsoft Corporation) C:\Windows\System32\DataUsageHandlers.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000209408 _____ (Microsoft Corporation) C:\Windows\System32\AppXApplicabilityBlob.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000184320 _____ (Microsoft Corporation) C:\Windows\System32\bthserv.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000170496 _____ (Microsoft Corporation) C:\Windows\System32\appsruprov.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000157696 _____ (Microsoft Corporation) C:\Windows\System32\energyprov.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000106496 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys 2018-12-17 22:09 - 2018-12-07 23:37 - 000099328 _____ (Microsoft Corporation) C:\Windows\System32\utcutil.dll 2018-12-17 22:09 - 2018-12-07 23:37 - 000079872 _____ (Microsoft Corporation) C:\Windows\System32\offreg.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 003396608 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 003381248 _____ (Microsoft Corporation) C:\Windows\System32\MapRouter.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 003090432 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 002364928 _____ (Microsoft Corporation) C:\Windows\System32\OpcServices.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 000894464 _____ (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 000566784 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 000462336 _____ (Microsoft Corporation) C:\Windows\System32\bcdedit.exe 2018-12-17 22:09 - 2018-12-07 23:36 - 000356352 _____ (Microsoft Corporation) C:\Windows\System32\dusmsvc.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 000227328 _____ (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe 2018-12-17 22:09 - 2018-12-07 23:36 - 000153600 _____ (Microsoft Corporation) C:\Windows\System32\RMapi.dll 2018-12-17 22:09 - 2018-12-07 23:36 - 000043008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mmcss.sys 2018-12-17 22:09 - 2018-12-07 23:35 - 002126336 _____ (Microsoft Corporation) C:\Windows\System32\LocationFramework.dll 2018-12-17 22:09 - 2018-12-07 23:35 - 001826816 _____ (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.dll 2018-12-17 22:09 - 2018-12-07 23:35 - 001708544 _____ (Microsoft Corporation) C:\Windows\System32\MSPhotography.dll 2018-12-17 22:09 - 2018-12-07 23:35 - 000623104 _____ (Microsoft Corporation) C:\Windows\System32\PsmServiceExtHost.dll 2018-12-17 22:09 - 2018-12-07 23:34 - 001023488 _____ (Microsoft Corporation) C:\Windows\System32\ShareHost.dll 2018-12-17 22:09 - 2018-12-07 23:34 - 000884224 _____ (Microsoft Corporation) C:\Windows\System32\NMAA.dll 2018-12-17 22:09 - 2018-12-07 23:34 - 000693248 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll 2018-12-17 22:09 - 2018-12-07 23:34 - 000491520 _____ (Microsoft Corporation) C:\Windows\System32\defragsvc.dll 2018-12-17 22:09 - 2018-12-07 23:33 - 019405312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2018-12-17 22:09 - 2018-12-07 23:33 - 001457152 _____ (Microsoft Corporation) C:\Windows\System32\dosvc.dll 2018-12-17 22:09 - 2018-12-07 23:33 - 001264640 _____ (Microsoft Corporation) C:\Windows\System32\JpMapControl.dll 2018-12-17 22:09 - 2018-12-07 23:33 - 001058304 _____ (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe 2018-12-17 22:09 - 2018-12-07 23:33 - 000949248 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll 2018-12-17 22:09 - 2018-12-07 23:33 - 000823296 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll 2018-12-17 22:09 - 2018-12-07 23:33 - 000176640 _____ (Microsoft Corporation) C:\Windows\System32\mssph.dll 2018-12-17 22:09 - 2018-12-07 23:32 - 001097728 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys 2018-12-17 22:09 - 2018-12-07 23:32 - 000895488 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll 2018-12-17 22:09 - 2018-12-07 23:32 - 000796672 _____ (Microsoft Corporation) C:\Windows\System32\mssvp.dll 2018-12-17 22:09 - 2018-12-07 23:32 - 000406528 _____ (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe 2018-12-17 22:09 - 2018-12-07 23:30 - 006647296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2018-12-17 22:09 - 2018-12-07 23:30 - 002966528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll 2018-12-17 22:09 - 2018-12-07 23:30 - 000074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe 2018-12-17 22:09 - 2018-12-07 23:29 - 005883904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2018-12-17 22:09 - 2018-12-07 23:29 - 002700288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2018-12-17 22:09 - 2018-12-07 23:29 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Diagnostics.dll 2018-12-17 22:09 - 2018-12-07 23:29 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2018-12-17 22:09 - 2018-12-07 23:28 - 002258944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2018-12-17 22:09 - 2018-12-07 23:28 - 001361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSPhotography.dll 2018-12-17 22:09 - 2018-12-07 23:28 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll 2018-12-17 22:09 - 2018-12-07 23:28 - 000288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2018-12-17 22:09 - 2018-12-07 23:27 - 002449408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll 2018-12-17 22:09 - 2018-12-07 23:27 - 001986560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll 2018-12-17 22:09 - 2018-12-07 23:27 - 000608768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll 2018-12-17 22:09 - 2018-12-07 23:27 - 000578560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll 2018-12-17 22:09 - 2018-12-07 23:27 - 000555008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll 2018-12-17 22:09 - 2018-12-07 23:27 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll 2018-12-17 22:09 - 2018-12-07 23:26 - 001348096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll 2018-12-17 22:09 - 2018-12-07 23:26 - 000848384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll 2018-12-17 22:09 - 2018-12-07 23:25 - 000978944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2018-12-17 22:09 - 2018-12-07 23:25 - 000856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2018-12-17 22:09 - 2018-12-07 23:25 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll 2018-12-17 22:09 - 2018-12-07 23:25 - 000702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2018-12-17 22:09 - 2018-12-07 23:25 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2018-12-17 22:09 - 2018-12-07 23:24 - 000795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll 2018-12-17 22:09 - 2018-12-07 23:24 - 000735744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2018-12-17 22:09 - 2018-12-07 23:24 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2018-12-17 22:09 - 2018-12-07 22:16 - 000001310 _____ C:\Windows\System32\tcbres.wim 2018-12-17 22:09 - 2018-11-08 22:15 - 021388752 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2018-12-17 22:09 - 2018-11-08 22:00 - 000177664 _____ (Microsoft Corporation) C:\Windows\System32\t2embed.dll 2018-12-17 22:09 - 2018-11-08 21:58 - 000244736 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll 2018-12-17 22:09 - 2018-11-08 21:57 - 004491264 _____ (Microsoft Corporation) C:\Windows\System32\xpsrchvw.exe 2018-12-17 22:09 - 2018-11-08 21:57 - 000208896 _____ (Microsoft Corporation) C:\Windows\System32\sensrsvc.dll 2018-12-17 22:09 - 2018-11-08 21:56 - 000381952 _____ (Microsoft Corporation) C:\Windows\System32\ninput.dll 2018-12-17 22:09 - 2018-11-08 21:56 - 000103936 _____ (Microsoft Corporation) C:\Windows\System32\DeviceSoftwareInstallationClient.dll 2018-12-17 22:09 - 2018-11-08 21:55 - 001254400 _____ (Microsoft Corporation) C:\Windows\System32\SystemSettings.Handlers.dll 2018-12-17 22:09 - 2018-11-08 21:54 - 001535488 _____ (Microsoft Corporation) C:\Windows\System32\wbengine.exe 2018-12-17 22:09 - 2018-11-08 21:32 - 020383832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2018-12-17 22:09 - 2018-11-08 21:22 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2018-12-17 22:09 - 2018-11-08 21:20 - 003397632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe 2018-12-17 22:09 - 2018-11-08 21:19 - 000181248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-12-17 22:09 - 2018-11-08 21:18 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll 2018-12-17 22:09 - 2018-11-08 18:56 - 001213472 _____ (Microsoft Corporation) C:\Windows\System32\ClipUp.exe 2018-12-17 22:09 - 2018-11-08 18:49 - 000723416 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll 2018-12-17 22:09 - 2018-11-08 18:49 - 000368656 _____ (Microsoft Corporation) C:\Windows\System32\thumbcache.dll 2018-12-17 22:09 - 2018-11-08 18:48 - 002719736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2018-12-17 22:09 - 2018-11-08 18:48 - 000899920 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll 2018-12-17 22:09 - 2018-11-08 18:48 - 000766704 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll 2018-12-17 22:09 - 2018-11-08 18:48 - 000745472 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys 2018-12-17 22:09 - 2018-11-08 18:48 - 000375296 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys 2018-12-17 22:09 - 2018-11-08 18:47 - 002765344 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2018-12-17 22:09 - 2018-11-08 18:47 - 002062392 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll 2018-12-17 22:09 - 2018-11-08 18:47 - 001285432 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys 2018-12-17 22:09 - 2018-11-08 18:47 - 000930616 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe 2018-12-17 22:09 - 2018-11-08 18:47 - 000537912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys 2018-12-17 22:09 - 2018-11-08 18:22 - 000185344 _____ (Microsoft Corporation) C:\Windows\System32\InstallServiceTasks.dll 2018-12-17 22:09 - 2018-11-08 18:22 - 000097792 _____ (Microsoft Corporation) C:\Windows\System32\winhttpcom.dll 2018-12-17 22:09 - 2018-11-08 18:21 - 001627136 _____ (Microsoft Corporation) C:\Windows\System32\enterprisecsps.dll 2018-12-17 22:09 - 2018-11-08 18:21 - 000119808 _____ (Microsoft Corporation) C:\Windows\System32\UserDataTimeUtil.dll 2018-12-17 22:09 - 2018-11-08 18:21 - 000112128 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\bthhfenum.sys 2018-12-17 22:09 - 2018-11-08 18:21 - 000002560 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll 2018-12-17 22:09 - 2018-11-08 18:20 - 000530432 _____ (Microsoft Corporation) C:\Windows\System32\MapConfiguration.dll 2018-12-17 22:09 - 2018-11-08 18:20 - 000399872 _____ (Microsoft Corporation) C:\Windows\System32\BthAvctpSvc.dll 2018-12-17 22:09 - 2018-11-08 18:20 - 000193536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndiswan.sys 2018-12-17 22:09 - 2018-11-08 18:20 - 000092160 _____ (Microsoft Corporation) C:\Windows\System32\tzautoupdate.dll 2018-12-17 22:09 - 2018-11-08 18:19 - 000304128 _____ (Microsoft Corporation) C:\Windows\System32\domgmt.dll 2018-12-17 22:09 - 2018-11-08 18:18 - 003320320 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll 2018-12-17 22:09 - 2018-11-08 18:18 - 001487360 _____ (Microsoft Corporation) C:\Windows\System32\InstallService.dll 2018-12-17 22:09 - 2018-11-08 18:18 - 000573952 _____ (Microsoft Corporation) C:\Windows\System32\webio.dll 2018-12-17 22:09 - 2018-11-08 18:18 - 000514048 _____ (Microsoft Corporation) C:\Windows\System32\BTAGService.dll 2018-12-17 22:09 - 2018-11-08 18:18 - 000300032 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll 2018-12-17 22:09 - 2018-11-08 18:17 - 002584576 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll 2018-12-17 22:09 - 2018-11-08 18:17 - 001069568 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll 2018-12-17 22:09 - 2018-11-08 18:16 - 004939776 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2018-12-17 22:09 - 2018-11-08 18:16 - 001364992 _____ (Microsoft Corporation) C:\Windows\System32\lpasvc.dll 2018-12-17 22:09 - 2018-11-08 18:16 - 001225216 _____ (Microsoft Corporation) C:\Windows\System32\MapsStore.dll 2018-12-17 22:09 - 2018-11-08 18:16 - 000308736 _____ (Microsoft Corporation) C:\Windows\System32\EnterpriseAppMgmtSvc.dll 2018-12-17 22:09 - 2018-11-08 18:15 - 000943616 _____ (Microsoft Corporation) C:\Windows\System32\BingOnlineServices.dll 2018-12-17 22:09 - 2018-11-08 18:15 - 000933888 _____ (Microsoft Corporation) C:\Windows\System32\rasmans.dll 2018-12-17 22:09 - 2018-11-08 18:15 - 000884224 _____ (Microsoft Corporation) C:\Windows\System32\MapControlCore.dll 2018-12-17 22:09 - 2018-11-08 18:15 - 000505344 _____ (Microsoft Corporation) C:\Windows\System32\edgeIso.dll 2018-12-17 22:09 - 2018-11-08 17:47 - 000295224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll 2018-12-17 22:09 - 2018-11-08 17:46 - 002161008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll 2018-12-17 22:09 - 2018-11-08 17:46 - 000829960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2018-12-17 22:09 - 2018-11-08 17:46 - 000721024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2018-12-17 22:09 - 2018-11-08 17:46 - 000573504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2018-12-17 22:09 - 2018-11-08 17:31 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2018-12-17 22:09 - 2018-11-08 17:30 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll 2018-12-17 22:09 - 2018-11-08 17:30 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttpcom.dll 2018-12-17 22:09 - 2018-11-08 17:29 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2018-12-17 22:09 - 2018-11-08 17:29 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll 2018-12-17 22:09 - 2018-11-08 17:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2018-12-17 22:09 - 2018-11-08 17:26 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2018-12-17 22:09 - 2018-11-08 17:26 - 000873472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2018-12-17 22:09 - 2018-11-08 17:26 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll 2018-12-17 22:09 - 2018-11-08 17:25 - 000713216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll 2018-12-17 22:09 - 2018-11-08 17:25 - 000705024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2018-12-17 12:39 - 2018-12-17 12:39 - 000002163 _____ C:\Users\Public\Desktop\Capture NX-D.lnk 2018-12-17 12:39 - 2018-12-17 12:39 - 000002113 _____ C:\Users\Public\Desktop\Nikon Transfer 2.lnk 2018-12-14 07:56 - 2018-12-14 07:56 - 000000000 ____D C:\Program Files\Phase One 2018-12-12 21:12 - 2018-12-12 21:12 - 000051024 _____ (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe 2018-12-12 21:12 - 2018-12-12 21:12 - 000047800 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-stable.sys 2018-12-12 21:12 - 2018-12-12 21:12 - 000047800 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-dev.sys 2018-12-12 21:12 - 2018-12-12 21:12 - 000047800 _____ (Dropbox, Inc.) C:\Windows\System32\Drivers\dbx-canary.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-07 05:51 - 2018-08-03 09:37 - 000000000 ____D C:\Windows\LTSvc 2019-01-07 05:51 - 2018-04-11 15:38 - 000000000 ___HD C:\Windows\ELAMBKUP 2019-01-07 05:50 - 2018-10-09 05:19 - 000042488 _____ C:\Windows\System32\Drivers\aswKbd.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000474648 _____ C:\Windows\System32\Drivers\aswSP.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000380144 _____ C:\Windows\System32\Drivers\aswVmm.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000239808 _____ C:\Windows\System32\Drivers\aswHdsKe.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000218056 _____ C:\Windows\System32\Drivers\aswStm.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000203488 _____ C:\Windows\System32\Drivers\aswArPot.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000166472 _____ C:\Windows\System32\Drivers\aswMonFlt.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000111992 _____ C:\Windows\System32\Drivers\aswRdr2.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000088144 _____ C:\Windows\System32\Drivers\aswRvrt.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000046584 _____ C:\Windows\System32\Drivers\aswHwid.sys 2019-01-07 05:50 - 2018-09-21 05:46 - 000015488 _____ (AVAST Software) C:\Windows\System32\Drivers\aswElam.sys 2019-01-07 05:50 - 2018-08-03 07:45 - 000000000 ____D C:\ProgramData\ScreenConnect Client (fed23689d5ebe2bf) 2019-01-07 05:50 - 2018-04-11 15:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-01-07 05:50 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\AppReadiness 2019-01-07 05:49 - 2018-09-21 05:46 - 001034056 _____ C:\Windows\System32\Drivers\aswSnx.sys 2019-01-07 05:48 - 2018-09-21 05:46 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2019-01-07 05:47 - 2018-08-01 10:54 - 000000136 _____ C:\Windows\System32\config\netlogon.ftl 2019-01-07 05:45 - 2018-07-26 13:10 - 000000000 ____D C:\Windows\System32\SleepStudy 2019-01-07 05:45 - 2018-04-11 15:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-01-04 11:10 - 2018-07-26 13:14 - 000853688 _____ C:\Windows\System32\PerfStringBackup.INI 2019-01-04 11:10 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\INF 2019-01-04 10:28 - 2018-05-21 03:59 - 000000000 ____D C:\ProgramData\NVIDIA 2019-01-04 10:26 - 2018-08-03 09:58 - 000000000 ____D C:\ProgramData\WRData 2019-01-04 10:25 - 2018-08-03 09:58 - 000273688 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll 2019-01-04 10:25 - 2018-08-03 09:58 - 000231104 _____ (Webroot) C:\Windows\System32\WRusr.dll 2019-01-04 10:25 - 2018-07-30 04:29 - 000000000 ____D C:\Windows\Minidump 2019-01-04 10:25 - 2018-07-26 13:19 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-01-04 10:25 - 2018-05-21 04:00 - 000491434 _____ C:\Windows\System32\Drivers\rtkhdasetting.zip 2019-01-04 08:36 - 2018-07-26 10:53 - 000000648 _____ C:\Windows\System32\Drivers\etc\hosts.ics 2019-01-03 14:51 - 2018-05-21 04:00 - 000000000 ____D C:\Windows\System32\DAX3 2019-01-03 14:49 - 2018-05-21 04:00 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2019-01-03 14:49 - 2018-05-21 04:00 - 000000000 ____D C:\Windows\System32\DAX2 2019-01-03 14:47 - 2018-07-26 13:19 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-01-03 14:47 - 2018-07-26 11:50 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2018-12-21 12:56 - 2018-04-11 13:04 - 001310720 _____ C:\Windows\System32\config\BBI 2018-12-21 05:24 - 2018-08-03 05:01 - 000003644 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-AMPFOT-WillP 2018-12-21 03:08 - 2018-04-11 15:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-12-21 03:07 - 2018-07-25 12:12 - 000000000 ____D C:\Program Files\Microsoft Office 2018-12-20 13:46 - 2018-10-30 11:41 - 000000933 _____ C:\Windows\Tasks\EPSON SC-P800 Series Update {29B2840C-3B80-4359-8226-92A4ED6D54B7}.job 2018-12-20 13:46 - 2018-10-09 10:21 - 000000933 _____ C:\Windows\Tasks\EPSON SC-P800 Series Update {35839D0B-45B0-4559-8A27-2E773FCB5AB8}.job 2018-12-20 13:46 - 2018-07-25 04:38 - 000000948 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-12-20 13:46 - 2018-07-25 04:38 - 000000944 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-12-20 10:00 - 2018-11-21 11:47 - 000002856 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1004336348-113007714-1644491937-4604 2018-12-20 10:00 - 2018-11-13 13:45 - 000003398 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000003196 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000003152 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000002984 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000002956 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000002914 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000002838 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-11-13 13:45 - 000002744 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2018-12-20 10:00 - 2018-10-30 11:41 - 000003486 _____ C:\Windows\System32\Tasks\EPSON SC-P800 Series Update {29B2840C-3B80-4359-8226-92A4ED6D54B7} 2018-12-20 10:00 - 2018-10-09 10:21 - 000003486 _____ C:\Windows\System32\Tasks\EPSON SC-P800 Series Update {35839D0B-45B0-4559-8A27-2E773FCB5AB8} 2018-12-20 10:00 - 2018-09-04 12:52 - 000003180 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification 2018-12-20 10:00 - 2018-09-04 10:15 - 000002218 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2018-12-20 10:00 - 2018-08-09 09:14 - 000003296 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{24645839-29CD-42D9-A35F-7C967ABD0F0C} 2018-12-20 10:00 - 2018-08-08 07:13 - 000002754 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-AMPFOT-WillP 2018-12-20 10:00 - 2018-07-26 13:19 - 000003482 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-12-20 10:00 - 2018-07-26 13:19 - 000003462 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA 2018-12-20 10:00 - 2018-07-26 13:19 - 000003346 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-12-20 10:00 - 2018-07-26 13:19 - 000003308 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{ACF392EF-37E0-4F13-8DDF-44969A997847} 2018-12-20 10:00 - 2018-07-26 13:19 - 000003238 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore 2018-12-20 10:00 - 2018-07-26 13:19 - 000003122 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-12-20 10:00 - 2018-07-26 13:19 - 000002856 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3895775199-811193724-1153901123-1003 2018-12-20 10:00 - 2018-07-26 13:19 - 000002856 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3895775199-811193724-1153901123-1002 2018-12-20 10:00 - 2018-07-26 13:19 - 000002856 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3895775199-811193724-1153901123-1001 2018-12-20 10:00 - 2018-07-26 13:19 - 000002822 _____ C:\Windows\System32\Tasks\NerveCenterUpdate 2018-12-20 10:00 - 2018-07-26 13:19 - 000002772 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-WILL-AMPLIS-LAP-WillP 2018-12-20 10:00 - 2018-07-26 13:19 - 000002768 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2018-12-20 10:00 - 2018-07-26 13:19 - 000002726 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-WILL-AMPLIS-LAP-WillP 2018-12-20 10:00 - 2018-07-26 13:19 - 000002264 _____ C:\Windows\System32\Tasks\ITE HID monitor 2018-12-20 07:31 - 2018-07-25 12:54 - 000000000 ____D C:\Users\Public\Documents\Adobe 2018-12-20 07:14 - 2018-07-25 12:41 - 000000000 ____D C:\Program Files\Common Files\Adobe 2018-12-20 07:03 - 2018-07-25 12:30 - 000000000 ____D C:\ProgramData\Adobe 2018-12-18 05:33 - 2017-10-03 08:48 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-12-18 02:01 - 2018-10-09 05:19 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-12-18 02:01 - 2018-10-09 05:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-12-18 02:01 - 2018-07-26 13:10 - 001283504 _____ C:\Windows\System32\FNTCACHE.DAT 2018-12-18 02:00 - 2018-04-11 15:38 - 000000000 ___SD C:\Windows\System32\DiagSvcs 2018-12-18 02:00 - 2018-04-11 15:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2018-12-18 02:00 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\TextInput 2018-12-18 02:00 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\ShellComponents 2018-12-18 02:00 - 2018-04-11 15:38 - 000000000 ____D C:\Windows\bcastdvr 2018-12-17 22:12 - 2018-04-11 15:30 - 000000000 ____D C:\Windows\CbsTemp 2018-12-17 22:09 - 2018-07-24 09:55 - 000000000 ____D C:\Program Files\rempl 2018-12-17 21:04 - 2018-10-15 06:57 - 000152688 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbae64.sys 2018-12-17 12:59 - 2018-10-23 21:12 - 000000783 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk 2018-12-17 12:40 - 2018-10-09 10:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2018-12-17 12:39 - 2018-12-04 08:00 - 000002163 _____ C:\Users\Public\Desktop\Picture Control Utility 2.lnk 2018-12-17 12:39 - 2018-12-04 07:59 - 000000000 ____D C:\Windows\Downloaded Installations 2018-12-17 12:39 - 2018-12-04 07:59 - 000000000 ____D C:\Program Files\Nikon 2018-12-17 12:38 - 2018-12-04 07:58 - 000000000 ____D C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583 2018-12-13 17:32 - 2018-07-25 11:27 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-12-13 14:42 - 2018-07-25 04:38 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-12-11 13:55 - 2018-07-25 05:18 - 000592616 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe 2018-12-10 22:03 - 2018-07-24 09:54 - 000000000 ____D C:\Windows\System32\MRT 2018-12-10 22:01 - 2018-07-24 09:54 - 137810048 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe 2018-12-10 13:10 - 2018-07-25 06:21 - 000000000 ____D C:\Windows\System32\Drivers\wd ==================== KnownDLLs (Whitelisted) ========================= ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\dnsapi.dll => MD5 is legit C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restored successfully ==================== Association (Whitelisted) ============= ==================== Restore Points ========================= ==================== Memory info =========================== Percentage of memory in use: 9% Total physical RAM: 16244.16 MB Available physical RAM: 14701.4 MB Total Virtual: 16244.16 MB Available Virtual: 14751.09 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:118 GB) (Free:54.49 GB) NTFS Drive e: (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.34 GB) NTFS Drive f: (7GB USB) (Removable) (Total:6.82 GB) (Free:6.81 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS Drive y: (Will's Storage) (Fixed) (Total:931.39 GB) (Free:596.96 GB) NTFS \\?\Volume{14a81cfa-58d1-4e1c-845a-65b3afdcad8f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 97ABE7CC) Partition: GPT. ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: 5CD2CB43) Partition: GPT. ======================================================== Disk: 2 (Size: 6.8 GB) (Disk ID: 9BE4394F) Partition 1: (Not Active) - (Size=6.8 GB) - (Type=0C) LastRegBack: 2018-07-26 13:10 ==================== End of FRST.txt ============================