Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mitigation BADUSB . My laptops keyboard locks up


  • Please log in to reply
35 replies to this topic

#1 spnkntm

spnkntm

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 30 October 2017 - 01:28 PM

Hows it going? I'm hoping to get some help with a keyboard problem I'm having. My keyboard will lock up, and only the mouse will work. I was also able to use the touch screen option, however it is impossible to work that way. I downloaded HitMan pro and it found the issue..Mitigation BADUSB. When the computer goes to sleep and reboots, I have to block this for the computer to work. Im pretty sure I got this when I installed FIREFOX browser.

 What is needed on my end to correct this?

 

Operating system is windows 10

what Im using for pc protection/cleaning

Norton AntiVirus

HitmanPro Alert 3.7.7 build

CCleaner

 

Thanks in advance, Adam



BC AdBot (Login to Remove)

 


m

#2 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 02 November 2017 - 04:17 PM

Hey guys..just following up on this. Thanks Adam



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 34,499 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:49 AM

Posted 03 November 2017 - 09:14 AM

Greetings Adam and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Now that you have already started a topic please follow the steps as outlined here. Make sure to copy and paste both logs in your reply. If you receive an error message the content is too long simply post each report in a separate reply.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom shall we go? You have the words that give eternal life. We believe, and know that you are the Holy One of God."

#4 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 10:07 AM

Hey Gary, no problem on what you are asking for. This is my work computer and is used 12 hrs a day. The only changes that may be made are to the tuning softwares that I use to calibrate cars. The softwares I use update almost daily, outside of that, I dont usually add anything else. What do we need to do to start? Thanks for the help, Adam


Forgot to add, it works as long as I block the program from starting up. I havent noticed any other issues. 

looking at how to post logs now....


Edited by spnkntm, 03 November 2017 - 10:08 AM.


#5 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 10:20 AM

Once again, thanks for taking the time to help..Adam

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Adam Montague (03-11-2017 08:15:16)
Running from C:\Users\Adam Montague\Downloads
Windows 10 Home Version 1607 14393.1770 (X64) (2017-10-02 19:42:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Adam Montague (S-1-5-21-208816048-3736313202-4178057886-1001 - Administrator - Enabled) => C:\Users\Adam Montague
Administrator (S-1-5-21-208816048-3736313202-4178057886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-208816048-3736313202-4178057886-503 - Limited - Disabled)
Guest (S-1-5-21-208816048-3736313202-41780Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Adam Montague (administrator) on DESKTOP-JIG6R8L (03-11-2017 08:14:30)
Running from C:\Users\Adam Montague\Downloads
Loaded Profiles: Adam Montague (Available Profiles: Adam Montague)
Platform: Windows 10 Home Version 1607 14393.1770 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\syswow64\UIUSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxEM.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Conexant) C:\Program Files\CONEXANT\MicTray\MicTray64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\ns.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\ns.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954272 2016-09-06] (Synaptics Incorporated)
HKLM\...\Run: [DeliveryAndStatusCheck] => C:\Program Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe [301832 2015-11-10] (HP)
HKLM\...\Run: [MicTray] => C:\Program Files\Conexant\MicTray\MicTray64.exe [2719832 2017-05-16] (Conexant)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [654088 2015-08-04] (Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-21-208816048-3736313202-4178057886-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6c9b0564-efbe-4f80-968d-a75d4d7de1e4}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-11-01] (Microsoft Corporation)
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-03] (Symantec Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.11.0.41\coIEPlg.dll [2017-10-03] (Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\coIEPlg.dll [2017-10-03] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.11.0.41\coIEPlg.dll [2017-10-03] (Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 2hb6v2o3.default
FF ProfilePath: C:\Users\Adam Montague\AppData\Roaming\Mozilla\Firefox\Profiles\2hb6v2o3.default [2017-11-03]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon [2017-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.7.0.76\coFFAddon
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-25] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-10-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-30] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default [2017-10-30]
CHR Extension: (Slides) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-30]
CHR Extension: (Docs) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-30]
CHR Extension: (Google Drive) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-30]
CHR Extension: (YouTube) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-30]
CHR Extension: (Norton Security Toolbar) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-10-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-30]
CHR Extension: (Gmail) - C:\Users\Adam Montague\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-30]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7923880 2017-10-23] (Microsoft Corporation)
R2 CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [22648 2016-06-06] (Conexant Systems, Inc)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [141432 2016-07-29] (Conexant Systems, Inc.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2017-10-02] (SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4853384 2017-10-02] (SurfRight B.V.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [604936 2015-07-27] (Hewlett-Packard Development Company, L.P.)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-07-03] ()
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NS.exe [326144 2017-10-04] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2016-09-06] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-28] (TeamViewer GmbH)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2017-10-03] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3755176 2017-07-03] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\BASHDefs\20171101.001\BHDrvx64.sys [1872024 2017-10-11] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160B000.029\ccSetx64.sys [187520 2017-10-03] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508056 2017-10-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158360 2017-10-18] (Symantec Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [47928 2015-11-04] (Intel)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [253048 2017-10-02] (SurfRight B.V.)
R3 hmpnet; C:\WINDOWS\system32\drivers\hmpnet.sys [93800 2017-10-02] (SurfRight B.V.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\IPSDefs\20171101.001\IDSvia64.sys [1056920 2017-10-13] (Symantec Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [135992 2015-11-04] (Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [71992 2015-11-09] (Intel)
R1 MpKsl61932818; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5059CA75-2AC8-43A5-BCAD-BB7BD29593A7}\MpKsl61932818.sys [58120 2017-11-03] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7643648 2017-07-13] (Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [762072 2015-11-02] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [408280 2015-11-02] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [50792 2016-09-06] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [51296 2016-09-06] (Synaptics Incorporated)
R3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160B000.029\SRTSP64.SYS [812704 2017-10-03] (Symantec Corporation)
R3 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160B000.029\SRTSPX64.SYS [49304 2017-10-03] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160B000.029\SYMEFASI64.SYS [1868416 2017-10-03] (Symantec Corporation)
S4 SymELAM; C:\WINDOWS\system32\drivers\NSx64\160B000.029\SymELAM.sys [24608 2017-10-03] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-10-07] (Symantec Corporation)
R3 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160B000.029\Ironx64.SYS [301288 2017-10-03] (Symantec Corporation)
R3 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160B000.029\SYMNETS.SYS [566912 2017-10-03] (Symantec Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30544 2015-08-12] (HP)
U3 aspnet_state; no ImagePath
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20171002.007\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.7.0.76\Definitions\SDSDefs\20171002.007\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-03 08:14 - 2017-11-03 08:14 - 000017033 _____ C:\Users\Adam Montague\Downloads\FRST.txt
2017-11-03 08:14 - 2017-11-03 08:14 - 000000000 ____D C:\FRST
2017-11-03 08:11 - 2017-11-03 08:14 - 002403328 _____ (Farbar) C:\Users\Adam Montague\Downloads\FRST64.exe
2017-11-02 16:50 - 2017-11-02 16:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-11-02 16:35 - 2017-11-02 16:30 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-02 12:31 - 2017-11-02 11:39 - 002085848 _____ C:\Users\Adam Montague\Desktop\Debug.dat
2017-11-02 11:13 - 2017-11-02 17:46 - 000000000 ____D C:\Users\Adam Montague\Desktop\mark 2013 rt chally stage 3 mopar pkg
2017-11-01 19:29 - 2017-11-02 01:11 - 000000000 ____D C:\Users\Adam Montague\Desktop\sonny 17 charger hellcat 1300cc 2.8 pulley
2017-11-01 18:57 - 2017-11-01 18:57 - 010686906 _____ C:\Users\Adam Montague\Downloads\trinity_dcx_gas_15-1r13d_update.crom
2017-11-01 18:22 - 2017-11-01 18:22 - 010747562 _____ C:\Users\Adam Montague\Downloads\trinity_diablo_dcx_gas-1r13i_update.crom
2017-10-30 14:16 - 2017-10-30 14:16 - 023278593 _____ C:\Users\Adam Montague\Downloads\4th gear pull lean at 5500 2.mp4
2017-10-30 13:03 - 2017-10-30 13:03 - 000087886 _____ C:\Users\Adam Montague\Desktop\enriques cat.jpeg
2017-10-30 11:58 - 2017-10-30 11:59 - 005008801 _____ C:\Users\Adam Montague\Downloads\8D2A7BC1-D4FB-4FCF-BD1C-714ADFDC9E76 (1).mp4(1).crdownload
2017-10-30 11:57 - 2017-10-30 11:57 - 005008801 _____ C:\Users\Adam Montague\Downloads\8D2A7BC1-D4FB-4FCF-BD1C-714ADFDC9E76 (1).mp4.crdownload
2017-10-30 11:06 - 2017-10-30 11:09 - 000000000 ____D C:\Users\Adam Montague\Desktop\tuning need to backup 10-30-17
2017-10-30 11:04 - 2017-10-30 11:09 - 000003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-10-30 11:04 - 2017-10-30 11:09 - 000003292 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-30 11:04 - 2017-10-30 11:04 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-10-30 11:04 - 2017-10-30 11:04 - 000002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 11:04 - 2017-10-30 11:04 - 000002351 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-30 11:04 - 2017-10-30 11:04 - 000002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-30 11:04 - 2017-10-30 11:04 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-30 11:04 - 2017-10-30 11:04 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\Google
2017-10-30 11:04 - 2017-10-30 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-10-30 11:04 - 2017-10-30 11:04 - 000000000 ____D C:\Program Files\CCleaner
2017-10-30 11:04 - 2017-10-30 11:04 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-30 11:03 - 2017-10-30 11:03 - 010427120 _____ (Piriform Ltd) C:\Users\Adam Montague\Downloads\ccsetup536.exe
2017-10-30 09:37 - 2017-10-30 12:38 - 000000000 ____D C:\Users\Adam Montague\AppData\Roaming\TeamViewer
2017-10-30 09:37 - 2017-10-30 09:37 - 000001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-10-30 09:37 - 2017-10-30 09:37 - 000001107 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-10-30 09:37 - 2017-10-30 09:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-30 09:35 - 2017-10-30 09:37 - 015756368 _____ (TeamViewer GmbH) C:\Users\Adam Montague\Downloads\TeamViewer_Setup.exe
2017-10-30 04:45 - 2017-10-30 04:45 - 038768635 _____ C:\Users\Adam Montague\Downloads\FullSizeRender(1).mov
2017-10-29 10:24 - 2017-10-29 10:28 - 026087894 _____ C:\Users\Adam Montague\Downloads\IMG_2156 (2).mp4
2017-10-28 12:43 - 2017-10-28 12:43 - 102491569 _____ C:\Users\Adam Montague\Downloads\IMG_3164.MOV
2017-10-28 11:37 - 2017-10-28 11:37 - 000068270 _____ C:\Users\Adam Montague\Downloads\PCM_05030375AG_Backup.drg
2017-10-28 11:36 - 2017-10-28 11:36 - 000068449 _____ C:\Users\Adam Montague\Downloads\PCM_05030375AG_LastTuneWritten.drg
2017-10-28 11:35 - 2017-10-28 11:35 - 000073441 _____ C:\Users\Adam Montague\Downloads\Predator backup(1).drg
2017-10-28 11:34 - 2017-10-28 11:34 - 000073441 _____ C:\Users\Adam Montague\Downloads\Predator backup.drg
2017-10-23 13:58 - 2017-10-23 13:59 - 000000033 _____ C:\Users\Adam Montague\Desktop\jimmy ram tune.txt
2017-10-20 16:23 - 2017-10-20 16:23 - 000097126 _____ C:\Users\Adam Montague\Downloads\1490886064.hpt
2017-10-20 03:37 - 2017-10-30 11:05 - 000000000 ____D C:\WINDOWS\Minidump
2017-10-18 08:12 - 2017-10-18 08:14 - 000181038 _____ C:\TDSSKiller.2.8.16.0_18.10.2017_08.12.52_log.txt
2017-10-18 08:12 - 2017-10-18 08:12 - 000208216 _____ (Kaspersky Lab, GERT) C:\WINDOWS\system32\Drivers\14005531.sys
2017-10-18 08:10 - 2017-10-18 08:12 - 000000000 ____D C:\AdwCleaner
2017-10-18 07:56 - 2017-10-18 07:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Tuners
2017-10-18 07:56 - 2017-10-18 07:56 - 000000000 ____D C:\Program Files (x86)\HP Tuners
2017-10-18 07:50 - 2017-10-18 07:56 - 189775872 _____ C:\Users\Adam Montague\Downloads\VCM Suite (Beta)(3).msi
2017-10-17 14:41 - 2017-11-02 10:37 - 000000396 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAdam Montague.job
2017-10-17 14:41 - 2017-11-01 16:35 - 000003320 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAdam Montague
2017-10-16 12:41 - 2017-10-16 12:42 - 000563926 _____ C:\Users\Adam Montague\Downloads\1491254822.hpt
2017-10-16 11:53 - 2017-10-16 11:54 - 000863862 _____ C:\Users\Adam Montague\Downloads\1500005066.hpt
2017-10-14 17:36 - 2017-11-02 11:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-10-14 17:26 - 2017-10-14 17:26 - 000003388 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-10-12 23:39 - 2017-10-12 23:39 - 000000000 ____D C:\Users\Adam Montague\AppData\Roaming\MSD
2017-10-12 23:38 - 2017-10-12 23:40 - 000001356 _____ C:\Users\Public\Desktop\MSD ReView.lnk
2017-10-12 23:38 - 2017-10-12 23:40 - 000001317 _____ C:\Users\Public\Desktop\MSDView4.lnk
2017-10-12 23:38 - 2017-10-12 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSD View
2017-10-12 23:38 - 2017-10-12 23:40 - 000000000 ____D C:\Program Files (x86)\MSD View
2017-10-12 23:38 - 2017-10-12 23:38 - 000000000 ____D C:\ProgramData\MSD
2017-10-12 23:36 - 2017-10-12 23:38 - 017694320 _____ (MSD LLC ) C:\Users\Adam Montague\Downloads\techlibrary_msdview-4.3.21.exe
2017-10-11 20:29 - 2017-10-11 20:30 - 100252828 _____ C:\Users\Adam Montague\Downloads\IMG_2981.MOV
2017-10-11 15:50 - 2017-10-30 11:05 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\CrashDumps
2017-10-11 15:49 - 2017-10-11 15:49 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 15:47 - 2017-09-17 20:27 - 000218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-10-11 15:47 - 2017-09-17 20:09 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 15:47 - 2017-09-17 20:09 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 15:47 - 2017-09-17 20:09 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 15:47 - 2017-09-17 20:09 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 15:47 - 2017-09-17 20:08 - 000998920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 15:47 - 2017-09-17 20:05 - 001177688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 15:47 - 2017-09-17 20:05 - 000497424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 15:47 - 2017-09-17 20:05 - 000172536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 15:47 - 2017-09-17 20:04 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 15:47 - 2017-09-17 20:04 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 15:47 - 2017-09-17 20:04 - 000404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 15:47 - 2017-09-17 20:03 - 000791272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 15:47 - 2017-09-17 20:02 - 007213464 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 15:47 - 2017-09-17 20:02 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-10-11 15:47 - 2017-09-17 20:01 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-10-11 15:47 - 2017-09-17 20:01 - 000431456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-10-11 15:47 - 2017-09-17 20:01 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 15:47 - 2017-09-17 20:00 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 022220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 008173672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 004260072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 000341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 15:47 - 2017-09-17 19:59 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-10-11 15:47 - 2017-09-17 19:58 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-10-11 15:47 - 2017-09-17 19:57 - 001566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 15:47 - 2017-09-17 19:56 - 000057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 15:47 - 2017-09-17 19:55 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 15:47 - 2017-09-17 19:55 - 001431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-10-11 15:47 - 2017-09-17 19:54 - 001980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 006672680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 004023560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-10-11 15:47 - 2017-09-17 19:52 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-10-11 15:47 - 2017-09-17 19:51 - 000178016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 15:47 - 2017-09-17 19:49 - 001435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 15:47 - 2017-09-17 19:49 - 001412128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 15:47 - 2017-09-17 19:49 - 001260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 15:47 - 2017-09-17 19:48 - 000117792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 15:47 - 2017-09-17 19:36 - 022570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 15:47 - 2017-09-17 19:35 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-10-11 15:47 - 2017-09-17 19:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-10-11 15:47 - 2017-09-17 19:33 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 15:47 - 2017-09-17 19:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-10-11 15:47 - 2017-09-17 19:33 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2017-10-11 15:47 - 2017-09-17 19:32 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2017-10-11 15:47 - 2017-09-17 19:32 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2017-10-11 15:47 - 2017-09-17 19:32 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 15:47 - 2017-09-17 19:32 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 15:47 - 2017-09-17 19:31 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-10-11 15:47 - 2017-09-17 19:31 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-10-11 15:47 - 2017-09-17 19:31 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 15:47 - 2017-09-17 19:31 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-10-11 15:47 - 2017-09-17 19:31 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 15:47 - 2017-09-17 19:31 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000174592 _____ C:\WINDOWS\system32\IHDS.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\StaticDictDS.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-10-11 15:47 - 2017-09-17 19:30 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2017-10-11 15:47 - 2017-09-17 19:29 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 15:47 - 2017-09-17 19:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2017-10-11 15:47 - 2017-09-17 19:29 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 15:47 - 2017-09-17 19:29 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-10-11 15:47 - 2017-09-17 19:29 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-10-11 15:47 - 2017-09-17 19:29 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 15:47 - 2017-09-17 19:28 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsPinyinRanker.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-11 15:47 - 2017-09-17 19:28 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-10-11 15:47 - 2017-09-17 19:27 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimeChsPinyinMainDS.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-10-11 15:47 - 2017-09-17 19:27 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 15:47 - 2017-09-17 19:27 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 15:47 - 2017-09-17 19:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-10-11 15:47 - 2017-09-17 19:26 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-10-11 15:47 - 2017-09-17 19:25 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-10-11 15:47 - 2017-09-17 19:25 - 001914368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 15:47 - 2017-09-17 19:25 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 15:47 - 2017-09-17 19:25 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 013107712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 002103808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 001584640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-10-11 15:47 - 2017-09-17 19:24 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 15:47 - 2017-09-17 19:24 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 15:47 - 2017-09-17 19:23 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-10-11 15:47 - 2017-09-17 19:23 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-10-11 15:47 - 2017-09-17 19:23 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-10-11 15:47 - 2017-09-17 19:23 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-10-11 15:47 - 2017-09-17 19:23 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-10-11 15:47 - 2017-09-17 19:23 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 15:47 - 2017-09-17 19:23 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-10-11 15:47 - 2017-09-17 19:22 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-10-11 15:47 - 2017-09-17 19:22 - 003291648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-10-11 15:47 - 2017-09-17 19:22 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 15:47 - 2017-09-17 19:22 - 001137664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 15:47 - 2017-09-17 19:22 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-10-11 15:47 - 2017-09-17 19:22 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 15:47 - 2017-09-17 19:21 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 15:47 - 2017-09-17 19:20 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 15:47 - 2017-09-17 19:20 - 019414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 15:47 - 2017-09-17 19:20 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 15:47 - 2017-09-17 19:20 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-10-11 15:47 - 2017-09-17 19:20 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-10-11 15:47 - 2017-09-17 19:20 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-10-11 15:47 - 2017-09-17 19:19 - 002750976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-10-11 15:47 - 2017-09-17 19:19 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 15:47 - 2017-09-17 19:19 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 15:47 - 2017-09-17 19:19 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 012204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 008077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 007470592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 001145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-10-11 15:47 - 2017-09-17 19:18 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-11 15:47 - 2017-09-17 19:17 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 15:47 - 2017-09-17 19:17 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 15:47 - 2017-09-17 19:17 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 15:47 - 2017-09-17 19:17 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-10-11 15:47 - 2017-09-17 19:16 - 004743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 15:47 - 2017-09-17 19:16 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-10-11 15:47 - 2017-09-17 19:16 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-10-11 15:47 - 2017-09-17 19:16 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 003202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 002919936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 001231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 15:47 - 2017-09-17 19:15 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-10-11 15:47 - 2017-09-17 19:14 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 15:47 - 2017-09-17 19:14 - 002997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 15:47 - 2017-09-17 19:14 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 002483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 002321408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 001518080 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 15:47 - 2017-09-17 19:14 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000983552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-10-11 15:47 - 2017-09-17 19:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-10-11 15:47 - 2017-09-17 19:13 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2017-10-11 15:47 - 2017-09-17 19:12 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-10-11 15:47 - 2017-09-17 19:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 15:47 - 2017-09-17 19:12 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-10-11 15:47 - 2017-09-17 19:11 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-10-11 15:47 - 2017-09-17 19:11 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 15:47 - 2017-09-17 19:11 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2017-10-11 15:47 - 2017-09-17 19:11 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2017-10-11 15:47 - 2017-09-17 19:11 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2017-10-11 15:47 - 2017-09-14 16:14 - 000119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-10-11 15:47 - 2017-09-14 16:05 - 001302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-10-11 15:47 - 2017-09-14 15:59 - 000096064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-10-11 15:47 - 2017-09-14 15:52 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-10-11 15:47 - 2017-09-14 15:49 - 001202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-10-11 15:47 - 2017-09-14 15:34 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-10-11 15:47 - 2017-09-14 15:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2017-10-11 15:47 - 2017-09-14 15:32 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-10-11 15:47 - 2017-09-14 15:32 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-10-11 15:47 - 2017-09-14 15:32 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-11 15:47 - 2017-09-14 15:31 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 15:47 - 2017-09-14 15:30 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-10-11 15:47 - 2017-09-14 15:30 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2017-10-11 15:47 - 2017-09-14 15:30 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB7.dll
2017-10-11 15:47 - 2017-09-14 15:30 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-11 15:47 - 2017-09-14 15:30 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-10-11 15:47 - 2017-09-14 15:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-11 15:47 - 2017-09-14 15:28 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-10-11 15:47 - 2017-09-14 15:28 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-10-11 15:47 - 2017-09-14 15:27 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-10-11 15:47 - 2017-09-14 15:26 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-10-11 15:47 - 2017-09-14 15:26 - 000636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-10-11 15:47 - 2017-09-14 15:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2017-10-11 15:47 - 2017-09-14 15:25 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-10-11 15:47 - 2017-09-14 15:25 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-10-11 15:47 - 2017-09-14 15:24 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-11 15:47 - 2017-09-14 15:23 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 15:47 - 2017-09-14 15:22 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-10-11 15:47 - 2017-09-14 15:22 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-10-11 15:47 - 2017-09-14 15:20 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-11 15:47 - 2017-09-14 15:18 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 15:47 - 2017-09-14 15:18 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2017-10-11 15:47 - 2017-09-14 15:16 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2017-10-11 15:47 - 2017-09-14 15:15 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 15:47 - 2017-09-13 19:04 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 15:47 - 2017-09-13 19:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 15:47 - 2017-09-13 19:04 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 15:47 - 2017-03-04 00:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-10-11 15:47 - 2017-03-03 23:28 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-10-11 15:47 - 2017-03-03 23:25 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-10-11 15:47 - 2017-03-03 23:24 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-10-11 15:47 - 2017-03-03 23:23 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-10-11 15:47 - 2017-03-03 23:23 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-10-11 15:47 - 2017-03-03 23:18 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-10-11 15:47 - 2017-03-03 23:16 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-10-11 15:47 - 2017-03-03 23:11 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-10-11 15:47 - 2017-03-03 23:07 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-10-11 15:47 - 2017-03-03 23:00 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-10-11 15:47 - 2017-03-03 23:00 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-10-11 15:47 - 2016-08-26 22:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-10-11 15:47 - 2016-08-02 01:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-10-11 15:46 - 2017-09-17 20:17 - 001564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-10-11 15:46 - 2017-09-17 20:17 - 000245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-10-11 15:46 - 2017-09-17 20:17 - 000136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-10-11 15:46 - 2017-09-17 20:08 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 15:46 - 2017-09-17 20:05 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-10-11 15:46 - 2017-09-17 20:01 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 15:46 - 2017-09-17 19:58 - 000206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 15:46 - 2017-09-17 19:57 - 001460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 15:46 - 2017-09-17 19:57 - 001415712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 15:46 - 2017-09-17 19:32 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 15:46 - 2017-09-17 19:30 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 15:46 - 2017-09-17 19:28 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-11 15:46 - 2017-09-17 19:27 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 15:46 - 2017-09-17 19:27 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-10-11 15:46 - 2017-09-17 19:27 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 15:46 - 2017-09-17 19:26 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2017-10-11 15:46 - 2017-09-17 19:26 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 15:46 - 2017-09-17 19:26 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-10-11 15:46 - 2017-09-17 19:26 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-10-11 15:46 - 2017-09-17 19:25 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 15:46 - 2017-09-17 19:25 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-10-11 15:46 - 2017-09-17 19:22 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 15:46 - 2017-09-17 19:19 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-10-11 15:46 - 2017-09-17 19:19 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2017-10-11 15:46 - 2017-09-17 19:15 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 15:46 - 2017-09-17 19:14 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-10-11 15:46 - 2017-09-17 19:13 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2017-10-11 15:46 - 2017-09-14 15:32 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7.dll
2017-10-11 15:46 - 2017-09-14 15:31 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 15:46 - 2017-09-14 15:31 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-11 15:46 - 2017-09-14 15:29 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-10-11 15:46 - 2017-09-14 15:24 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2017-10-11 15:46 - 2017-09-14 15:22 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-10-11 15:46 - 2017-09-14 15:19 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-10-11 15:46 - 2017-09-14 15:19 - 000928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-10-11 15:46 - 2016-08-05 21:16 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-10-11 15:43 - 2017-10-11 16:49 - 000000000 ____D C:\Users\Adam Montague\Desktop\carlos cmr
2017-10-09 22:37 - 2017-11-02 17:09 - 001388448 _____ C:\Users\Public\GROUP.dat
2017-10-09 22:36 - 2017-10-09 22:36 - 000659968 _____ C:\Users\Adam Montague\Downloads\archive(1).zip
2017-10-09 22:23 - 2017-10-09 22:24 - 380822560 _____ C:\Users\Adam Montague\Downloads\IMG_2899.MOV
2017-10-09 22:08 - 2017-10-09 22:12 - 618984615 _____ C:\Users\Adam Montague\Downloads\IMG_2897.MOV
2017-10-09 07:06 - 2017-10-09 07:06 - 170441225 _____ C:\Users\Adam Montague\Downloads\IMG_2864.MOV
2017-10-09 07:05 - 2017-10-09 07:05 - 046472243 _____ C:\Users\Adam Montague\Downloads\IMG_2904.MOV
2017-10-08 21:40 - 2017-10-08 21:44 - 459832146 _____ C:\Users\Adam Montague\Downloads\IMG_2896.MOV
2017-10-08 21:40 - 2017-10-08 21:44 - 454074231 _____ C:\Users\Adam Montague\Downloads\IMG_2892.MOV
2017-10-08 21:05 - 2017-10-08 21:08 - 502596984 _____ C:\Users\Adam Montague\Downloads\IMG_2887.MOV
2017-10-08 20:07 - 2017-10-08 20:08 - 273495250 _____ C:\Users\Adam Montague\Downloads\IMG_2905.MOV
2017-10-07 12:07 - 2017-10-07 12:15 - 189530112 _____ C:\Users\Adam Montague\Downloads\VCM Suite (Beta)(2).msi
2017-10-05 22:39 - 2017-10-05 22:40 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\NPE
2017-10-05 13:06 - 2017-10-05 13:06 - 000001198 _____ C:\Users\Public\Desktop\DataViewer.lnk
2017-10-05 13:06 - 2017-10-05 13:06 - 000000000 ___HD C:\ProgramData\{65888DB7-A303-41CC-9F28-799131A7BAAF}
2017-10-05 13:06 - 2017-10-05 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Data Viewer
2017-10-05 11:42 - 2017-10-05 11:42 - 000000000 ___HD C:\ProgramData\{E20CE159-0D14-4EA0-AFA6-DF96DA60DEB1}
2017-10-05 11:41 - 2017-10-05 11:41 - 000001157 _____ C:\Users\Public\Desktop\DSDownloader.lnk
2017-10-05 11:41 - 2017-10-05 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DSDL
2017-10-05 11:39 - 2017-10-05 13:05 - 025575128 _____ (DiabloSport, LLC ) C:\Users\Adam Montague\Downloads\DataViewer_3.4.1.4.exe
2017-10-05 11:39 - 2017-10-05 11:41 - 016774072 _____ (DiabloSport, LLC ) C:\Users\Adam Montague\Downloads\DSDownloader_installer_2.5.0.14.exe
2017-10-05 07:34 - 2017-10-05 07:34 - 000000000 ____D C:\Users\Adam Montague\Downloads\luigi
2017-10-05 07:33 - 2017-10-05 07:33 - 000000000 ____D C:\Users\Adam Montague\Downloads\anotherhellcatbuildsteves
2017-10-05 07:31 - 2017-10-05 07:31 - 000332790 _____ C:\Users\Adam Montague\Downloads\anotherhellcatbuildsteves.zip
2017-10-05 07:25 - 2017-10-05 07:25 - 000000000 ____D C:\Users\Adam Montague\Downloads\albertsengine2
2017-10-05 07:25 - 2017-10-05 07:25 - 000000000 ____D C:\Users\Adam Montague\Downloads\albertsengine1
2017-10-05 07:23 - 2017-10-05 07:23 - 000978793 _____ C:\Users\Adam Montague\Downloads\albertsengine2.zip
2017-10-05 07:23 - 2017-10-05 07:23 - 000484747 _____ C:\Users\Adam Montague\Downloads\albertsengine1.zip
2017-10-05 07:23 - 2017-10-05 07:23 - 000278882 _____ C:\Users\Adam Montague\Downloads\newbattery.zip
2017-10-04 14:43 - 2017-10-04 14:43 - 000001449 _____ C:\Users\Public\Desktop\Chipmaster Revolution.lnk
2017-10-04 14:42 - 2017-10-05 13:06 - 000000000 ____D C:\Program Files (x86)\DiabloSport
2017-10-04 14:42 - 2017-10-04 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chipmaster Revolution
2017-10-04 14:42 - 2017-10-04 14:42 - 000000000 ____D C:\ProgramData\DiabloSport
2017-10-04 14:25 - 2017-10-04 14:25 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\{597CD81C-E903-447C-858D-1711F96CEB74}
2017-10-04 14:20 - 2017-10-04 14:23 - 073327664 _____ (DiabloSport ) C:\Users\Adam Montague\Downloads\CMR_Installer(2).exe
2017-10-04 12:07 - 2017-10-05 13:05 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\IIIQF
2017-10-04 12:07 - 2017-10-04 14:43 - 000000000 ___HD C:\ProgramData\{597CD81C-E903-447C-858D-1711F96CEB74}
2017-10-04 11:49 - 2017-10-04 11:49 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ser2pl64_01009.Wdf
2017-10-04 11:32 - 2017-10-04 11:32 - 000184476 _____ C:\Users\Adam Montague\Desktop\warviking.hpl
2017-10-04 11:04 - 2017-10-04 11:04 - 000001803 _____ C:\Users\Adam Montague\Desktop\VCM Scanner - Shortcut.lnk
2017-10-04 11:04 - 2017-10-04 11:04 - 000001798 _____ C:\Users\Adam Montague\Desktop\VCM Editor - Shortcut.lnk
2017-10-04 10:50 - 2017-10-04 11:02 - 189415424 _____ C:\Users\Adam Montague\Downloads\VCM Suite (Beta)(1).msi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-03 08:14 - 2017-10-02 20:09 - 000000000 ____D C:\WINDOWS\CryptoGuard
2017-11-03 08:10 - 2017-10-03 07:14 - 000000000 ____D C:\Users\Adam Montague\AppData\LocalLow\Mozilla
2017-11-03 08:08 - 2017-10-02 12:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-02 17:46 - 2015-11-02 23:05 - 001457028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-02 17:09 - 2017-10-02 20:14 - 000000000 ____D C:\Program Files\rempl
2017-11-02 17:01 - 2017-10-02 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-02 10:59 - 2017-10-02 12:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-02 10:59 - 2016-11-25 23:28 - 000000000 __SHD C:\Users\Adam Montague\IntelGraphicsProfiles
2017-11-02 10:37 - 2017-10-02 12:17 - 000336600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-01 16:59 - 2017-10-02 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-01 16:58 - 2016-09-07 05:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-11-01 16:48 - 2017-10-02 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-01 16:33 - 2017-10-02 19:19 - 000003392 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-208816048-3736313202-4178057886-1001
2017-11-01 16:33 - 2017-10-02 12:45 - 000002394 _____ C:\Users\Adam Montague\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-01 16:33 - 2016-11-25 23:30 - 000000000 ___RD C:\Users\Adam Montague\OneDrive
2017-11-01 16:29 - 2017-10-02 13:04 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-30 11:32 - 2017-10-02 20:09 - 000000000 ____D C:\Users\Adam Montague\Desktop\desktop crap
2017-10-30 11:08 - 2017-10-02 13:10 - 000000000 ____D C:\WINDOWS\INF
2017-10-30 11:05 - 2017-10-02 13:17 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-27 09:49 - 2017-10-02 13:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-27 09:46 - 2017-10-03 07:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-27 09:46 - 2017-10-03 07:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-25 11:13 - 2017-10-02 13:12 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-25 11:13 - 2017-10-02 13:12 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-18 15:03 - 2016-10-22 22:06 - 000000000 ____D C:\ProgramData\HP
2017-10-18 07:56 - 2016-11-26 10:47 - 000000000 ____D C:\Users\Adam Montague\Documents\HP Tuners
2017-10-17 14:41 - 2017-10-02 12:44 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\Hewlett-Packard
2017-10-17 14:41 - 2016-04-11 08:41 - 000000000 ____D C:\SWSetup
2017-10-16 20:33 - 2017-10-02 13:10 - 000000000 ____D C:\WINDOWS\rescache
2017-10-15 10:17 - 2017-10-02 12:35 - 000000000 ____D C:\Users\Adam Montague
2017-10-14 20:10 - 2017-10-03 21:12 - 000000000 ____D C:\Program Files\Common Files\AV
2017-10-14 17:45 - 2015-11-02 11:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-14 17:29 - 2017-10-02 20:09 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2017-10-14 17:27 - 2017-10-02 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-14 17:27 - 2017-10-02 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-14 17:27 - 2017-10-02 13:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-14 17:26 - 2017-10-02 19:51 - 000002387 _____ C:\Users\Public\Desktop\Norton Security.lnk
2017-10-14 17:26 - 2017-10-02 19:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-10-14 17:26 - 2017-10-02 19:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-10-13 20:57 - 2017-10-02 12:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2017-10-13 20:49 - 2017-06-27 16:04 - 000000000 ____D C:\Users\Adam Montague\Documents\MSD
2017-10-11 15:50 - 2017-10-02 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 15:49 - 2017-10-02 20:07 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-08 21:00 - 2017-07-10 23:54 - 000000000 ___HD C:\$WINDOWS.~BT
2017-10-07 11:31 - 2017-10-02 19:51 - 000102568 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-10-07 11:31 - 2017-10-02 19:51 - 000008309 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-10-06 20:23 - 2017-10-02 13:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-06 15:02 - 2017-10-02 12:47 - 000000000 ____D C:\Users\Adam Montague\AppData\Roaming\Hewlett-Packard
2017-10-06 15:02 - 2017-10-02 12:43 - 000000000 ____D C:\Users\Adam Montague\AppData\Local\Packages
2017-10-06 10:36 - 2017-10-02 19:49 - 000000000 ____D C:\Program Files (x86)\Norton Security
2017-10-06 10:36 - 2017-10-02 13:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-10-04 13:32 - 2017-10-02 13:16 - 000000000 ____D C:\Windows.old
2017-10-04 12:08 - 2016-10-22 22:09 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2016-01-27 07:14 - 2016-01-27 07:14 - 000071339 _____ () C:\Program Files (x86)\License EULA.pdf

Files to move or delete:
====================
C:\Users\Public\GROUP.dat


Some files in TEMP:
====================
2017-11-01 20:07 - 2017-11-01 20:14 - 001302528 _____ (DiabloSport, LLC                                                                                                                                                                                                                                                                                            ) C:\Users\Adam Montague\AppData\Local\Temp\DataViewer_Update.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-28 15:15

==================== End of FRST.txt ============================
57886-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Disabled - Out of date) {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Disabled - Up to date) {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Security (Disabled) {084FC016-54FB-7A6D-DFFC-2B9050228CD1}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Chipmaster Revolution (HKLM\...\{5E7B8CBD-EA12-476B-A4B4-7DCD140492B9}) (Version: 5.3 - DiabloSport) Hidden
Chipmaster Revolution (HKLM-x32\...\Chipmaster Revolution) (Version: 5.3 - DiabloSport)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.68.61 - Conexant)
Data Viewer (HKLM\...\{39CB1A9A-F252-49DE-A087-D19A41E91808}) (Version: 3.4 - DiabloSport, LLC) Hidden
Data Viewer (HKLM-x32\...\Data Viewer) (Version: 3.4 - DiabloSport)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
DSDL (HKLM\...\{516F685C-BCC5-4B7B-A406-1E99AECEB059}) (Version: 2.5 - DiabloSport, LLC) Hidden
DSDL (HKLM-x32\...\DSDL) (Version: 2.5 - DiabloSport, LLC)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.75 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.6.7.604 - SurfRight B.V.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.3 - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8305.5282 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{7878B5ED-BD5A-49C9-B314-D3B0FA55795D}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{0715118B-DC4F-4C69-B1F8-F29631332DFA}) (Version: 12.8.37.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BE6E90E-F615-432E-A588-DB9BB792C81D}) (Version: 1.4.3 - Hewlett-Packard Company)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{DD21DBC9-2A74-44DA-A543-B1F4AF3ABFCA}) (Version: 1.1.8.1 - HP)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4542 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® WiDi (HKLM\...\{6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D}) (Version: 6.0.60.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{4DA9DC19-4E1D-4B10-A726-A5F2A1BC7265}) (Version: 18.1.1546.2762 - Intel Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{755abcd0-2942-482b-a27d-22921a5849f0}) (Version: 3.0.14.3056 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{7E28859E-AD3D-4FC2-8D70-E345F8C87722}) (Version: 3.0.14.3056 - Intel Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8528.2147 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-208816048-3736313202-4178057886-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0 - Mozilla)
MSD View version 4.3.30.0 (HKLM-x32\...\{A134FF44-CB79-4981-892E-AFFF8A65A359}_is1) (Version: 4.3.30.0 - MSD LLC)
Norton Security (HKLM-x32\...\NS) (Version: 22.11.0.41 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.145 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2147 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.112 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{17515373-7495-4995-9089-B7D6DF455C38}) (Version: 2.6.0.0 - Microsoft Corporation)
VCM Suite (Beta) (HKLM-x32\...\{9449D377-212F-4EC8-9214-3427F6402581}) (Version: 3.7.542.0 - HP Tuners)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxDTCM.dll [2017-02-22] (Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\buShell.dll [2017-10-03] (Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\NavShExt.dll [2017-10-03] (Symantec Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026D270D-E078-4FFB-BB99-4188D9532714} - System32\Tasks\HPCeeScheduleForAdam Montague => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {0BBD7242-C2B9-44DF-B82A-82B2505876AD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {0F47D9D1-EBF5-4069-8F90-438146D77225} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.)
Task: {1BA471F8-13F9-4339-B35C-A8096DD8F24B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {1C72130E-BF36-4D4E-A9C7-B83BB28BB87E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.)
Task: {23A61706-49B5-4073-9803-84D633CC1687} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {3CE789B5-2ABE-48FC-9F65-A61CABC14EA0} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start -> No File <==== ATTENTION
Task: {4AA66140-C67B-40DA-BA4A-9413884F8762} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-07] (Microsoft Corporation)
Task: {4DE5D087-F492-4E3E-A49D-483E112B2B31} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {6194DD91-AF77-46DD-A3E0-A31DF98D04B1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {637BE724-5CDB-4226-BCA7-886029486F2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {70884962-31FD-4503-AEA5-A2A45E6A122C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-30] (Google Inc.)
Task: {726561D7-98EF-4FF4-BE7E-37408A59DD83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-07] (Microsoft Corporation)
Task: {8395F96B-7E8D-46F5-82A9-EC13DADF6427} - \Intel\Intel Telemetry 2 -> No File <==== ATTENTION
Task: {8C79EED0-2500-4D34-8254-C9D53B730467} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-07] (Microsoft Corporation)
Task: {9C426F35-D282-4B1B-918F-42AF947618A8} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-03] (Symantec Corporation)
Task: {A8E5803A-E9D0-4C40-9943-501146C57855} - System32\Tasks\Norton Security Scan for Adam Montague => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.145\Nss.exe [2017-09-29] (Symantec Corporation)
Task: {B1FEA19B-750F-4793-9FB4-9740AE42A760} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {B35710F7-D63D-4D95-8DAC-80B771AEF952} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-03] (Symantec Corporation)
Task: {C7487F22-E1F6-48C2-9BFD-67484F9D39AE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-08-07] (Microsoft Corporation)
Task: {D3245B6D-1231-48CF-AD88-E11F8F38CEE2} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon -> No File <==== ATTENTION
Task: {D8751BE2-F660-4323-A870-6D32688F5B5A} - \Microsoft\Office\Microsoft Office Touchless Attach Notification -> No File <==== ATTENTION
Task: {DB402FDD-FA59-464A-AFFA-D21C57666F66} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-10-30] (Google Inc.)
Task: {DC82913A-9238-4FA0-912E-4764DADE6B7E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\WSCStub.exe [2017-10-03] (Symantec Corporation)
Task: {E097080D-3430-4999-B6B9-B237B5978DB5} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.11.0.41\SymErr.exe [2017-10-03] (Symantec Corporation)
Task: {F355C5A6-D67C-47FC-84D5-4205802804E9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2017-10-03] (Symantec Corporation)
Task: {F5DF2294-DA12-4294-B5EA-FBF3732207A5} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [2016-01-08] (Conexant Systems, Inc.)
Task: {FB0116A6-CD07-439F-852C-3B11A895B980} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec -> No File <==== ATTENTION
Task: {FED6981C-01AD-470C-9A24-B0CA4644AB2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForAdam Montague.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 04:42 - 2016-07-16 04:42 - 000231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-09-13 18:20 - 2017-09-06 23:01 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-21 14:59 - 2016-12-21 14:59 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 19:34 - 2017-03-03 23:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 19:34 - 2017-03-03 23:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 19:34 - 2017-03-03 23:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 19:34 - 2017-03-03 23:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-10-11 15:47 - 2017-09-17 19:13 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-10-11 15:47 - 2017-09-17 19:14 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-10-11 15:47 - 2017-09-17 19:16 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-10-18 07:49 - 2017-10-18 07:50 - 025741312 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-10-18 07:49 - 2017-10-18 07:50 - 009257984 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-10-03 20:19 - 2017-10-03 20:19 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 00:24 - 2015-10-30 00:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-208816048-3736313202-4178057886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adam Montague\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C5D93F4A-7DBD-485E-BB72-E887332EDE8C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{D2B5384F-6DAF-4171-87B0-3AA0861CD8D8}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{4BECAA62-90D6-49F1-B4D8-2B42365F0A19}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{532519A8-DC07-4A5E-B03E-66E3840C7634}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{62C948CA-4150-497E-8962-80E6955BA126}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A9FFC76B-7B01-42D2-ABFE-791B1A7E7DFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{23F11983-12A8-40F9-B352-EDB427FADD60}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EECFE1BA-C09D-4DE0-9B7C-92750A791690}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{459C99A3-64CC-44CB-9AF2-C527B3FCEF74}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{60235778-93F7-44C3-9CD7-7C184DC8D47C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B1BB64E2-17A3-47E7-AF9D-398A362A72A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D83ABE81-EC70-4BEF-9A89-88FBC08497CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7F1967E0-8E87-4506-B57D-C3E36DFE8AA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{07B87C3E-C6C7-4694-A9C2-7A1897ECBEFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BDC1D0E3-6F10-4A04-968A-7B7A844416C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6803384D-D4DD-48DA-96DA-EF50CCFD9945}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{179C30FC-AC81-4BEE-904E-8A41B965A8BA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

25-10-2017 09:58:44 Scheduled Checkpoint
01-11-2017 16:29:07 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2017 08:09:03 AM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation   BadUSB

Platform     10.0.14393/x64 v604 06_4e

Keyboard name        Touchscreen
Hardware ID        HID\VID_04F3&PID_2073&REV_5107&Col06

Error: (11/02/2017 06:14:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-JIG6R8L)
Description: Package Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen was terminated because it took too long to suspend.

Error: (11/02/2017 06:14:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2547

Error: (11/02/2017 06:14:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2547

Error: (11/02/2017 06:14:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/02/2017 06:14:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1266

Error: (11/02/2017 06:14:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1266

Error: (11/02/2017 06:14:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/02/2017 05:56:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6438

Error: (11/02/2017 05:56:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6438


System errors:
=============
Error: (11/02/2017 05:56:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2017 05:34:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2017 05:09:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (11/02/2017 05:09:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (11/02/2017 05:09:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (11/02/2017 05:09:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (11/02/2017 05:09:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Interactive Services Detection service terminated with the following error:
Incorrect function.

Error: (11/02/2017 10:59:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2017 10:59:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2017 10:59:10 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


==================== Memory info ===========================

Processor: Intel® Core™ i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 16294.95 MB
Available physical RAM: 12882.16 MB
Total Virtual: 18726.95 MB
Available Virtual: 15127.09 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:466.06 GB) (Free:359.97 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:9.82 GB) (Free:1.23 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 1C290C0F)

Partition: GPT.

==================== End of Addition.txt ============================

Attached Files


Edited by Oh My!, 03 November 2017 - 11:04 AM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 34,499 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:49 AM

Posted 03 November 2017 - 11:36 AM

Hi Adam.

Thank you for the information. Unless otherwise requested (like I have done below for the System Summary) please copy and paste all information in your reply.

Please do this.

====================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Boot into Normal Boot
  • Right click on the FRST64English icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
Task: {3CE789B5-2ABE-48FC-9F65-A61CABC14EA0} - \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start
Task: {8395F96B-7E8D-46F5-82A9-EC13DADF6427} - \Intel\Intel Telemetry 2
Task: {D3245B6D-1231-48CF-AD88-E11F8F38CEE2} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon
Task: {D8751BE2-F660-4323-A870-6D32688F5B5A} - \Microsoft\Office\Microsoft Office Touchless Attach Notification
Task: {FB0116A6-CD07-439F-852C-3B11A895B980} - \IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec
Folder: C:\ProgramData\{597CD81C-E903-447C-858D-1711F96CEB74}
Folder: C:\Users\Adam Montague\AppData\Local\IIIQF
cmd: type "C:\Users\Public\GROUP.dat"
End::
  • Click Fix
  • When completed he tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the Windows Key + R on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • Attached System Summary file

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom shall we go? You have the words that give eternal life. We believe, and know that you are the Holy One of God."

#7 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 01:15 PM

Hope this is what you need...thanks

Attached Files



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 34,499 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:49 AM

Posted 03 November 2017 - 01:23 PM

Yes it is, thank you.

Please do this.

===================================================

Uninstalling/Reinstalling a Device Driver

----------
  • Press Windows Key + R at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Keyboards section by clicking + sign
  • Right click on each entry under Keyboards and select Uninstall
  • Reboot your computer
  • Check your computer/keyboard performance
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Edited by Oh My!, 03 November 2017 - 01:48 PM.
Changed instructions

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom shall we go? You have the words that give eternal life. We believe, and know that you are the Holy One of God."

#9 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 01:47 PM

No, just the keyboard that came with the laptop.



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 34,499 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:49 AM

Posted 03 November 2017 - 01:49 PM

OK thank you. I modified the previous step. Please complete those instructions.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom shall we go? You have the words that give eternal life. We believe, and know that you are the Holy One of God."

#11 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 02:03 PM

performed  those steps, on restart hitman pro still blocked the usb keyboard command



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 34,499 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:49 AM

Posted 03 November 2017 - 02:05 PM

How does your keyboard perform now?

Is your keyboard built in (laptop) or is it external?

Do you have any external USB devices attached?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom shall we go? You have the words that give eternal life. We believe, and know that you are the Holy One of God."

#13 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 02:19 PM

The keyboard work fine as long as I block the USB mitgation on startup..take a picture of it. The keyboard is the one supplied with the laptop. I do not have any external USB devices attached.Ill post the HitmanPro log...



#14 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 02:23 PM

This is a screen shot of the alert..not sure how to pull a log



#15 spnkntm

spnkntm
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 03 November 2017 - 02:24 PM

forgot the picture

Attached Files






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users