Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problems in Windows 7?


  • This topic is locked This topic is locked
1 reply to this topic

#1 Michaelg3

Michaelg3

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:57 PM

Posted 20 April 2018 - 04:17 PM

Hey guys, been looking on here for a fix and nothing yet, my problem seemed to start around 2 weeks ago with these pop ups (photo below) and I use chrome and most of the time I am not able to access the internet, (Even tried other browsers) I've just got back up today, I've ran virus scans and everything but nothing, side note when these pop ups do happen, after i close them I'm able to access the internet, that's how I'm asking this questions not. I tried FRST and this is what I cam up with (photo)

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2018
Ran by MichaelGD3 (administrator) on MICHAELGD3-HP (20-04-2018 16:54:54)
Running from C:\Users\MichaelGD3\Desktop\vv
Loaded Profiles: MichaelGD3 (Available Profiles: MichaelGD3 & JessicaG87)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adlice Software) C:\Program Files\RogueKiller\RogueKiller64.exe
(Google Inc.) C:\Users\MichaelGD3\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\MichaelGD3\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-04-03] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230304 2018-02-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2018-02-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5867280 2018-03-01] (IObit)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\MountPoints2: {07b21dcb-0df8-11e2-a338-e89a8fdcf810} - G:\Autorun.exe /s
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\MountPoints2: {4ca44054-7e52-11e1-a358-e89a8fdcf810} - F:\LiteAuto.exe
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
BootExecute: autocheck autochk * SmartDefragBootTime.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 209.55.27.13
Tcpip\..\Interfaces\{93AD30C1-54CF-48C8-B0F2-79F5313FC568}: [DhcpNameServer] 8.8.8.8 8.8.4.4 209.55.27.13
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {66869871-357E-46E3-8B08-2F618FE038B6} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000 -> DefaultScope {7EB05C03-C3A6-4298-9807-6BB362764B96} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000 -> {7EB05C03-C3A6-4298-9807-6BB362764B96} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-01] (Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll [2011-08-11] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL [2011-07-25] (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-01] (Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-06-01] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll [2011-08-11] (Symantec Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-07] (Intel Security)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-06-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000 -> No Name - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2018-03-19] (McAfee, Inc.)
Handler: WSKVAllmytubechrome - No CLSID Value
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF DefaultProfile: 7bnknog5.default
FF ProfilePath: C:\Users\MichaelGD3\AppData\Roaming\Mozilla\Firefox\Profiles\7bnknog5.default [2018-04-20]
FF Homepage: Mozilla\Firefox\Profiles\7bnknog5.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Avast SafePrice) - C:\Users\MichaelGD3\AppData\Roaming\Mozilla\Firefox\Profiles\7bnknog5.default\Extensions\sp@avast.com.xpi [2018-03-07]
FF Extension: (Avast Online Security) - C:\Users\MichaelGD3\AppData\Roaming\Mozilla\Firefox\Profiles\7bnknog5.default\Extensions\wrc@avast.com.xpi [2017-10-31]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [2018-04-19]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
FF Extension: (Norton Vulnerability Protection) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn [2012-04-05] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn [2012-04-05] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3288293313-1438963180-3751763624-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\MichaelGD3\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3288293313-1438963180-3751763624-1000: @talk.google.com/O1DPlugin -> C:\Users\MichaelGD3\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3288293313-1438963180-3751763624-1000: @tools.google.com/Google Update;version=3 -> C:\Users\MichaelGD3\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3288293313-1438963180-3751763624-1000: @tools.google.com/Google Update;version=9 -> C:\Users\MichaelGD3\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3288293313-1438963180-3751763624-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MichaelGD3\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\MichaelGD3\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\MichaelGD3\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.com
CHR Profile: C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-04-20]
CHR Profile: C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-04-20]
CHR Extension: (YouTube) - C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-14]
CHR Profile: C:\Users\MichaelGD3\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [kkljlnkimgcfmiklhilenokeckdiiepf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaffhmecfaelkngcbnfdkcckmillnoki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bnbogedaiicgloncpfelaponhlikmngk] - C:\Program Files (x86)\OApps\chrome-sl.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kkljlnkimgcfmiklhilenokeckdiiepf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\Extensions\Chrome.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\MichaelGD3\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7603408 2018-04-03] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [313640 2018-04-03] (AVAST Software)
S4 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2375168 2011-03-07] (Realsil Microelectronics Inc.) [File not signed]
S4 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2956472 2017-12-26] (iFunSoft)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit)
S2 IOTUpdaterSvc; C:\Program Files (x86)\IOTransfer\Updater\IOTUpdater.exe [3103416 2017-12-05] (IOTransfer)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [604312 2018-03-19] (McAfee, Inc.)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.587\McCHSvc.exe [404376 2017-06-30] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-02-07] (Realtek Semiconductor)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.)
S4 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2017-02-06] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-04-03] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-01] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-01] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-01] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-01] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [227784 2018-04-03] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-04-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [147224 2018-04-12] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111352 2018-04-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84368 2018-04-03] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026696 2018-04-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-04-03] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-04-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380528 2018-04-03] (AVAST Software)
S3 AX88772; C:\Windows\System32\DRIVERS\ax88772.sys [83968 2017-01-19] (ASIX Electronics Corp.)
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120317.002\BHDrvx64.sys [1157240 2012-03-17] (Symantec Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2018-01-22] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-01-10] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-19] (REALiX™)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSVia64.sys [488568 2011-07-20] (Symantec Corporation)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [26272 2017-03-17] (IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2017-03-08] (IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2016-12-22] (IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2017-07-03] (IObit.com)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUFileFilter.sys [21928 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegProcessFilter.sys [21872 2017-09-28] (IObit.com)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (HandSet Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [193464 2018-04-20] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2018-04-20] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [46008 2018-04-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-04-20] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [84256 2018-04-20] (Malwarebytes)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\ENG64.SYS [117880 2011-08-09] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20110810.019\EX64.SYS [2048632 2011-08-09] (Symantec Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-01-19] (MediaTek Inc.)
S3 qcfilter; C:\Windows\System32\DRIVERS\qcusbfilter.sys [49208 2017-12-18] (QUALCOMM Incorporated)
S3 qcusbnet; C:\Windows\System32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2016-11-03] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS [729720 2011-08-02] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS [37496 2011-08-02] (Symantec Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2018-02-07] (Samsung Electronics Co., Ltd.)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS [1084536 2011-07-28] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-12-07] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS [189560 2011-07-25] (Symantec Corporation)
S3 SymNetS; C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS [401016 2011-07-25] (Symantec Corporation)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Hajo Krabbenhöft)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-04-20] ()
R3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-20 16:35 - 2018-04-20 16:35 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-04-20 16:33 - 2018-04-20 16:34 - 000001684 _____ C:\Users\MichaelGD3\Desktop\Rkill.txt
2018-04-20 16:33 - 2018-04-20 16:33 - 000000000 ____D C:\ProgramData\RogueKiller
2018-04-20 15:32 - 2018-04-20 15:33 - 000004838 _____ C:\TDSSKiller.3.1.0.16_20.04.2018_15.32.56_log.txt
2018-04-20 15:29 - 2018-04-20 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-04-20 15:29 - 2018-04-20 15:29 - 000000000 ____D C:\Program Files\RogueKiller
2018-04-20 14:41 - 2018-04-20 16:33 - 000000000 ____D C:\Users\MichaelGD3\Desktop\vv
2018-04-20 14:38 - 2018-04-20 16:54 - 000000000 ____D C:\FRST
2018-04-20 13:16 - 2018-04-20 13:16 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-04-20 13:14 - 2018-04-20 13:14 - 000110016 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-04-20 13:11 - 2018-04-20 13:11 - 000000336 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2018-04-20 13:09 - 2018-04-20 13:09 - 000000000 ____D C:\Users\MichaelGD3\AppData\Local\ElevatedDiagnostics
2018-04-20 13:07 - 2018-04-20 13:11 - 000178820 _____ C:\Windows\ntbtlog.txt
2018-04-19 13:45 - 2018-04-20 13:18 - 000046008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-04-19 13:45 - 2018-04-20 13:07 - 000193464 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-04-19 13:44 - 2018-04-20 13:13 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-04-19 13:44 - 2018-04-19 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-19 13:44 - 2017-11-01 08:54 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-04-19 13:43 - 2018-04-19 13:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-19 13:42 - 2018-04-19 13:42 - 000981960 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-04-19 13:42 - 2018-04-19 13:42 - 000122824 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-04-19 13:41 - 2018-04-19 13:41 - 000400320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsPStor.sys
2018-04-19 13:34 - 2018-04-19 13:34 - 000059152 _____ C:\Users\MichaelGD3\AppData\Local\GDIPFONTCACHEV1.DAT
2018-04-19 13:28 - 2018-04-19 13:28 - 000272024 _____ C:\Windows\system32\FNTCACHE.DAT
2018-04-19 08:35 - 2018-04-20 11:45 - 000007602 _____ C:\Users\MichaelGD3\AppData\Local\Resmon.ResmonCfg
2018-04-17 17:57 - 2018-04-17 17:57 - 000549504 _____ (ESET) C:\Users\MichaelGD3\Downloads\ESETPoweliksCleaner.exe
2018-04-17 17:57 - 2018-04-17 17:57 - 000000022 _____ C:\Users\MichaelGD3\Downloads\ESETPoweliksCleaner.exe_20180417.175727.7172.zip
2018-04-17 08:03 - 2018-04-17 08:03 - 000000000 ____D C:\Users\MichaelGD3\AppData\Roaming\Google
2018-04-16 14:47 - 2018-04-16 14:47 - 000000000 ____D C:\Users\MichaelGD3\AppData\Local\{2663D21A-90BF-46EA-A006-9B497B4566C0}
2018-04-13 08:44 - 2018-03-30 22:09 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-04-13 08:44 - 2018-03-30 21:39 - 004046528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-04-13 08:44 - 2018-03-30 21:39 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-04-13 08:44 - 2018-03-28 03:30 - 003225600 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-04-13 08:44 - 2018-03-23 14:50 - 000396952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-04-13 08:44 - 2018-03-23 13:59 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-04-13 08:44 - 2018-03-22 19:00 - 025742336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-04-13 08:44 - 2018-03-22 17:32 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-04-13 08:44 - 2018-03-22 17:32 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-04-13 08:44 - 2018-03-22 17:26 - 020287488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-04-13 08:44 - 2018-03-22 17:19 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-04-13 08:44 - 2018-03-22 17:18 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-04-13 08:44 - 2018-03-22 17:17 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-04-13 08:44 - 2018-03-22 17:17 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-04-13 08:44 - 2018-03-22 17:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-04-13 08:44 - 2018-03-22 17:17 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-04-13 08:44 - 2018-03-22 17:15 - 005780480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-04-13 08:44 - 2018-03-22 17:10 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-04-13 08:44 - 2018-03-22 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-04-13 08:44 - 2018-03-22 17:07 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-04-13 08:44 - 2018-03-22 17:06 - 000794112 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-04-13 08:44 - 2018-03-22 17:06 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-04-13 08:44 - 2018-03-22 17:06 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-04-13 08:44 - 2018-03-22 17:05 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-04-13 08:44 - 2018-03-22 17:04 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-04-13 08:44 - 2018-03-22 16:58 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-04-13 08:44 - 2018-03-22 16:55 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-04-13 08:44 - 2018-03-22 16:52 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-04-13 08:44 - 2018-03-22 16:52 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-04-13 08:44 - 2018-03-22 16:51 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-04-13 08:44 - 2018-03-22 16:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-04-13 08:44 - 2018-03-22 16:49 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-04-13 08:44 - 2018-03-22 16:48 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-04-13 08:44 - 2018-03-22 16:48 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-04-13 08:44 - 2018-03-22 16:48 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-04-13 08:44 - 2018-03-22 16:45 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-04-13 08:44 - 2018-03-22 16:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-04-13 08:44 - 2018-03-22 16:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-04-13 08:44 - 2018-03-22 16:44 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-04-13 08:44 - 2018-03-22 16:43 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-04-13 08:44 - 2018-03-22 16:42 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-04-13 08:44 - 2018-03-22 16:42 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-04-13 08:44 - 2018-03-22 16:42 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-04-13 08:44 - 2018-03-22 16:41 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-04-13 08:44 - 2018-03-22 16:40 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-04-13 08:44 - 2018-03-22 16:33 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-04-13 08:44 - 2018-03-22 16:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-04-13 08:44 - 2018-03-22 16:29 - 015282688 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-04-13 08:44 - 2018-03-22 16:29 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-04-13 08:44 - 2018-03-22 16:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-04-13 08:44 - 2018-03-22 16:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-04-13 08:44 - 2018-03-22 16:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-04-13 08:44 - 2018-03-22 16:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-04-13 08:44 - 2018-03-22 16:27 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-04-13 08:44 - 2018-03-22 16:27 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-04-13 08:44 - 2018-03-22 16:25 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-04-13 08:44 - 2018-03-22 16:25 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-04-13 08:44 - 2018-03-22 16:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-04-13 08:44 - 2018-03-22 16:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-04-13 08:44 - 2018-03-22 16:21 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-04-13 08:44 - 2018-03-22 16:20 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-04-13 08:44 - 2018-03-22 16:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-04-13 08:44 - 2018-03-22 16:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-04-13 08:44 - 2018-03-22 16:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-04-13 08:44 - 2018-03-22 16:14 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-04-13 08:44 - 2018-03-22 16:14 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-04-13 08:44 - 2018-03-22 16:04 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-04-13 08:44 - 2018-03-22 15:55 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-04-13 08:44 - 2018-03-22 15:53 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-04-13 08:44 - 2018-03-22 15:52 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-04-13 08:44 - 2018-03-22 15:51 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-04-13 08:44 - 2018-02-10 14:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-04-13 08:44 - 2018-02-10 14:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-04-13 08:44 - 2018-02-10 14:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-04-13 08:44 - 2018-02-10 13:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-04-13 08:44 - 2018-02-02 14:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-04-13 08:44 - 2018-02-02 14:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-04-13 08:44 - 2018-02-02 14:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-04-13 08:44 - 2018-02-02 14:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-04-13 08:44 - 2018-01-25 10:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-04-13 08:44 - 2018-01-25 10:04 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-13 08:43 - 2018-03-30 22:09 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-04-13 08:43 - 2018-03-30 22:09 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-04-13 08:43 - 2018-03-30 22:09 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-04-13 08:43 - 2018-03-30 22:09 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-04-13 08:43 - 2018-03-30 21:45 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-04-13 08:43 - 2018-03-30 21:38 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:12 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 21:06 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-04-13 08:43 - 2018-03-30 21:06 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-04-13 08:43 - 2018-03-30 21:06 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-04-13 08:43 - 2018-03-30 21:06 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-04-13 08:43 - 2018-03-30 21:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-04-13 08:43 - 2018-03-30 21:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-04-13 08:43 - 2018-03-30 21:02 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-04-13 08:43 - 2018-03-30 20:59 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-04-13 08:43 - 2018-03-30 20:58 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-04-13 08:43 - 2018-03-30 20:58 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-04-13 08:43 - 2018-03-30 20:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-04-13 08:43 - 2018-03-30 20:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-04-13 08:43 - 2018-03-30 20:51 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-04-13 08:43 - 2018-03-30 20:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-04-13 08:43 - 2018-03-30 20:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-04-13 08:43 - 2018-03-30 20:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-04-13 08:43 - 2018-03-30 20:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-04-13 08:43 - 2018-03-30 20:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 20:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 20:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 20:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-04-13 08:43 - 2018-03-30 20:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-04-13 08:43 - 2018-03-22 16:51 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-04-13 08:43 - 2018-03-10 13:11 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-04-13 08:43 - 2018-03-09 14:18 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-04-13 08:43 - 2018-03-09 14:12 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-04-13 08:43 - 2018-03-09 14:12 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-04-13 08:43 - 2018-03-09 14:12 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-04-13 08:43 - 2018-03-09 14:12 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-04-13 08:43 - 2018-03-09 14:11 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-04-13 08:43 - 2018-03-09 14:07 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-04-13 08:43 - 2018-03-09 14:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-04-13 08:43 - 2018-03-09 14:07 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-04-13 08:43 - 2018-03-09 14:06 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-04-13 08:43 - 2018-03-09 14:06 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-04-13 08:43 - 2018-03-09 13:31 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-04-13 08:43 - 2018-03-06 14:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-04-13 08:43 - 2018-03-06 14:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-04-13 08:43 - 2018-03-06 14:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-04-13 08:43 - 2018-03-06 14:10 - 000170176 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-04-13 08:43 - 2018-03-06 14:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-04-13 08:43 - 2018-03-06 14:07 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-04-13 08:43 - 2018-02-21 23:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-04-13 08:43 - 2018-02-21 23:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-04-13 08:43 - 2018-02-10 14:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-04-13 08:43 - 2018-02-10 14:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-04-13 08:43 - 2018-02-10 14:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-04-13 08:43 - 2018-02-10 14:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-04-13 08:43 - 2018-02-10 14:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-04-13 08:43 - 2018-02-10 14:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-04-13 08:43 - 2018-02-10 14:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-04-13 08:43 - 2018-02-10 14:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-04-13 08:43 - 2018-02-10 14:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-04-13 08:43 - 2018-02-10 13:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-04-13 08:43 - 2018-02-10 13:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-04-13 08:43 - 2018-02-10 13:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-04-13 08:43 - 2018-02-10 13:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-04-13 08:43 - 2018-02-10 13:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-04-13 08:43 - 2018-02-10 13:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-04-13 08:43 - 2018-02-10 13:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-04-13 08:43 - 2018-02-02 14:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-04-13 08:43 - 2018-02-02 14:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-04-13 08:43 - 2018-02-02 14:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-04-13 08:43 - 2018-02-02 14:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-04-13 08:43 - 2018-02-02 14:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-04-13 08:43 - 2018-02-02 14:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-04-13 08:43 - 2018-02-02 13:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-04-13 08:43 - 2018-02-02 13:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-04-13 08:43 - 2018-01-25 10:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000019800 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000066392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000019800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000017752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000016216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000014168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-04-13 08:43 - 2018-01-25 10:04 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-04-13 08:43 - 2018-01-15 15:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-04-13 08:43 - 2018-01-15 15:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-04-13 08:43 - 2018-01-12 12:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-04-13 08:43 - 2018-01-12 12:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-04-13 08:09 - 2018-04-13 08:09 - 007256272 _____ (Malwarebytes) C:\Users\MichaelGD3\Downloads\adwcleaner_7.1.0.0.exe
2018-04-13 08:08 - 2018-04-13 08:08 - 008206624 _____ (Malwarebytes) C:\Users\MichaelGD3\Downloads\adwcleaner-7-0-7-0.exe
2018-04-12 13:04 - 2018-03-14 13:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-12 13:04 - 2018-03-14 13:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-12 13:04 - 2018-03-14 09:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-12 13:04 - 2018-03-14 09:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-12 11:20 - 2018-04-20 12:28 - 000002906 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (MichaelGD3)
2018-04-11 20:29 - 2018-04-11 20:30 - 015380128 _____ (IObit ) C:\Users\MichaelGD3\Downloads\iobituninstaller(1).exe
2018-04-04 16:46 - 2018-04-09 18:20 - 000000000 ____D C:\Users\MichaelGD3\Documents\Youcam
2018-04-03 12:15 - 2018-04-03 12:13 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-03-31 15:16 - 2018-02-18 17:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-31 12:21 - 2018-04-18 23:09 - 000001390 _____ C:\Users\MichaelGD3\Desktop\CLEAN WINK WINK.txt
2018-03-29 07:53 - 2018-03-29 07:53 - 020917912 _____ (IObit ) C:\Users\MichaelGD3\Downloads\driver_booster_setup(3).exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-04-20 16:58 - 2012-07-18 16:28 - 000000440 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-04-20 16:35 - 2016-11-15 21:20 - 000000000 ____D C:\Users\MichaelGD3\AppData\LocalLow\Mozilla
2018-04-20 16:20 - 2017-03-17 20:22 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-04-20 15:58 - 2018-02-09 16:34 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-04-20 14:16 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2018-04-20 13:37 - 2012-04-05 00:38 - 000000000 ____D C:\Users\MichaelGD3\AppData\Local\CrashDumps
2018-04-20 13:25 - 2009-07-14 00:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-20 13:25 - 2009-07-14 00:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-20 13:12 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-20 12:46 - 2017-01-19 10:09 - 000000000 ____D C:\Users\MichaelGD3\AppData\LocalLow\IObit
2018-04-20 12:26 - 2012-04-04 16:39 - 000003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7C3BD783-CCB3-4AF9-85C6-069B2B1C2D99}
2018-04-20 07:58 - 2012-04-11 16:50 - 000000000 ____D C:\Users\MichaelGD3\AppData\Local\Adobe
2018-04-19 14:47 - 2017-07-06 13:10 - 000003216 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMichaelGD3
2018-04-19 14:47 - 2017-07-06 13:10 - 000000352 _____ C:\Windows\Tasks\HPCeeScheduleForMichaelGD3.job
2018-04-19 14:20 - 2012-07-11 17:36 - 000000000 ___RD C:\Users\MichaelGD3\Documents\Virus Protection
2018-04-19 13:50 - 2017-01-19 10:08 - 000000000 ____D C:\Users\MichaelGD3\AppData\Roaming\IObit
2018-04-19 13:49 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-04-19 13:43 - 2017-11-06 22:08 - 000000000 ____D C:\Program Files\Malwarebytes
2018-04-19 13:42 - 2011-12-07 00:51 - 000118784 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2018-04-19 13:33 - 2016-11-15 21:40 - 000000000 ____D C:\Users\MichaelGD3\AppData\Local\tkdata
2018-04-19 12:30 - 2017-01-19 10:10 - 000000000 ____D C:\ProgramData\ProductData
2018-04-19 09:27 - 2013-07-10 23:33 - 000000000 ___RD C:\Users\MichaelGD3\Documents\IMPORTENT
2018-04-19 08:56 - 2016-11-18 15:20 - 000000000 ____D C:\Program Files\Easeware
2018-04-19 08:55 - 2015-09-18 17:10 - 000000000 ____D C:\Users\MichaelGD3\AppData\Roaming\NCH Software
2018-04-19 08:55 - 2015-07-02 18:48 - 000000000 ____D C:\Program Files (x86)\NCH Software
2018-04-16 18:24 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache
2018-04-16 15:44 - 2018-02-02 13:52 - 000000000 ____D C:\Users\MichaelGD3\Documents\Fam Other Photos Vids
2018-04-15 22:22 - 2012-04-20 17:20 - 000000000 ____D C:\Users\MichaelGD3\AppData\Roaming\SoftGrid Client
2018-04-15 22:18 - 2018-03-15 09:29 - 000000294 _____ C:\Users\MichaelGD3\Desktop\STUDY MATH NOWWW.txt
2018-04-15 12:28 - 2013-07-10 23:26 - 000000000 ___RD C:\Users\MichaelGD3\Documents\JoyMaids
2018-04-13 14:31 - 2009-07-14 01:13 - 002622056 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-13 08:12 - 2017-09-03 09:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-04-13 08:11 - 2017-11-13 21:20 - 000000000 ____D C:\AdwCleaner
2018-04-13 07:45 - 2015-04-15 10:13 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-12 22:58 - 2013-07-18 03:06 - 000000000 ____D C:\Windows\system32\MRT
2018-04-12 22:49 - 2017-10-11 12:43 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-12 22:49 - 2012-04-04 21:43 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-12 11:23 - 2012-07-11 20:07 - 000147224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-04-12 09:32 - 2018-02-09 14:26 - 000000000 ____D C:\Users\MichaelGD3\Documents\CLEANING TIPS
2018-04-03 12:13 - 2017-11-09 16:57 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-04-03 12:13 - 2017-01-06 13:03 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-04-03 12:13 - 2017-01-06 13:03 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-04-03 12:13 - 2013-07-03 19:04 - 000380528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-04-03 12:13 - 2013-07-03 19:04 - 000084368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-04-03 12:13 - 2012-07-11 20:07 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-04-03 12:13 - 2012-07-11 20:07 - 000111352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-04-03 12:11 - 2012-07-11 20:07 - 001026696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-04-03 12:10 - 2017-12-21 13:45 - 000227784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-03-29 14:47 - 2015-09-05 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-29 08:00 - 2017-12-12 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2018-03-24 09:04 - 2009-07-14 01:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
 
2013-07-11 03:49 - 2013-07-11 03:49 - 000000058 _____ () C:\Users\MichaelGD3\AppData\Roaming\Camdata.ini
2013-07-11 03:49 - 2013-07-11 03:49 - 000000408 _____ () C:\Users\MichaelGD3\AppData\Roaming\CamLayout.ini
2013-07-11 03:49 - 2013-07-11 03:49 - 000000408 _____ () C:\Users\MichaelGD3\AppData\Roaming\CamShapes.ini
2013-07-11 03:49 - 2013-07-11 03:49 - 000004510 _____ () C:\Users\MichaelGD3\AppData\Roaming\CamStudio.cfg
2012-04-20 18:42 - 2012-04-20 18:42 - 000000089 _____ () C:\Users\MichaelGD3\AppData\Local\msmathematics.qat.MichaelGD3
2017-09-25 20:34 - 2017-09-25 20:34 - 000003516 _____ () C:\Users\MichaelGD3\AppData\Local\recently-used.xbel
2018-04-19 08:35 - 2018-04-20 11:45 - 000007602 _____ () C:\Users\MichaelGD3\AppData\Local\Resmon.ResmonCfg
 
Some files in TEMP:
====================
2017-10-21 12:31 - 2017-10-21 12:31 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\2kh8ne2i.dll
2017-10-21 07:59 - 2017-10-21 07:59 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\2wttvzjy.dll
2017-10-25 21:30 - 2017-10-25 21:30 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\2xc8ypmy.dll
2017-02-13 14:19 - 2017-02-13 14:19 - 000008704 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\78evn-bp.dll
2017-12-10 18:45 - 2017-12-10 18:45 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\9ctes_ug.dll
2017-09-30 22:26 - 2017-09-30 22:26 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\9ghu2ttx.dll
2017-05-08 22:31 - 2017-04-20 09:17 - 000050720 _____ (HP Inc.) C:\Users\MichaelGD3\AppData\Local\Temp\ACLMInstaller.exe
2017-09-20 18:50 - 2017-09-20 18:50 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\b0yve0jf.dll
2017-11-28 13:03 - 2017-11-28 13:03 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\bfyy1pwq.dll
2018-01-21 12:04 - 2018-01-21 12:04 - 000004608 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\bkmwriur.dll
2018-01-19 11:10 - 2018-01-19 11:11 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\bmv0zwzv.dll
2017-11-14 21:47 - 2017-11-14 21:47 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\branemnk.dll
2017-12-18 10:04 - 2017-12-18 10:04 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\cpppcj1e.dll
2017-10-04 19:26 - 2017-10-04 19:26 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\dklay_w5.dll
2018-04-20 16:33 - 2018-03-30 21:38 - 001665336 _____ (Microsoft Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\dllnt_dump.dll
2017-10-09 22:09 - 2017-10-09 22:09 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\ezgsdkfg.dll
2017-01-30 16:54 - 2017-01-30 16:55 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\fverxsgu.dll
2017-11-08 12:28 - 2017-11-08 12:28 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\hglv_hnk.dll
2017-12-14 09:30 - 2017-11-22 13:15 - 011584088 _____ (SurfRight B.V.) C:\Users\MichaelGD3\AppData\Local\Temp\HitmanPro.exe
2017-02-23 13:57 - 2017-02-23 13:57 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\hstqpm0o.dll
2017-01-20 11:21 - 2017-01-20 11:21 - 000739904 _____ (Oracle Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-05-09 13:02 - 2017-05-09 13:02 - 000739904 _____ (Oracle Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-19 12:24 - 2017-07-19 12:24 - 000739904 _____ (Oracle Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-10-18 21:49 - 2017-10-18 21:49 - 001856576 _____ (Oracle Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-01-19 23:29 - 2018-01-19 23:29 - 001864256 _____ (Oracle Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\jre-8u161-windows-au.exe
2017-12-18 20:50 - 2017-12-18 20:50 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\kwfrxdhg.dll
2017-09-30 12:59 - 2017-09-30 12:59 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\kyn1ea5x.dll
2017-12-19 20:07 - 2017-12-19 20:07 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\l8tzuwr5.dll
2017-10-22 17:27 - 2017-10-22 17:27 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\lckuzdxt.dll
2016-09-14 20:00 - 2016-09-14 20:00 - 002458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\MichaelGD3\AppData\Local\Temp\libeay32.dll
2016-09-14 20:00 - 2016-09-14 20:00 - 000970912 _____ (Microsoft Corporation) C:\Users\MichaelGD3\AppData\Local\Temp\msvcr120.dll
2017-12-29 13:02 - 2017-12-29 13:02 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\nbxsanp5.dll
2018-01-09 16:32 - 2018-01-09 16:33 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\nfdegdju.dll
2017-11-11 21:47 - 2017-11-11 21:47 - 000008704 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\nkvxtcqe.dll
2018-02-12 21:45 - 2018-02-12 21:45 - 000003584 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\nrvcdvtu.dll
2017-08-26 18:29 - 2017-08-26 18:29 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\nsphrvga.dll
2017-11-22 18:50 - 2017-11-22 18:50 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\o0v3nnzq.dll
2018-02-02 18:33 - 2018-02-02 18:33 - 001523592 _____ (AVM Software Inc.) C:\Users\MichaelGD3\AppData\Local\Temp\pal_install_r1111_2.exe
2017-03-25 10:34 - 2017-03-25 10:34 - 001513192 _____ (AVM Software Inc.) C:\Users\MichaelGD3\AppData\Local\Temp\pal_install_r1111_3.exe
2018-02-08 13:49 - 2018-02-08 13:50 - 000003584 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\sazxxnwp.dll
2017-02-18 14:19 - 2017-02-18 14:19 - 000008704 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\seemmbwv.dll
2016-09-14 20:00 - 2016-09-14 20:00 - 000772672 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\sqlite3.dll
2017-08-23 07:46 - 2017-08-23 07:48 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\uagi3vgf.dll
2017-11-29 20:53 - 2017-11-29 20:53 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\v1mlikaw.dll
2018-01-16 11:06 - 2018-01-16 11:06 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\vbkrzoh3.dll
2017-12-22 19:51 - 2017-12-22 19:51 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\vvwmumgg.dll
2017-12-03 11:27 - 2017-12-03 11:27 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\xpjdof6y.dll
2017-09-07 23:57 - 2017-09-07 23:57 - 000003584 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\y81o0ism.dll
2017-11-11 09:25 - 2017-11-11 09:25 - 000036864 _____ () C:\Users\MichaelGD3\AppData\Local\Temp\yva-47j6.dll
2017-04-21 22:19 - 2017-04-21 22:19 - 001130328 _____ (Google Inc.) C:\Users\MichaelGD3\AppData\Local\Temp\{718860CD-FD64-46F2-BBF0-F1EEB2261503}-GoogleUpdateSetup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-04-19 15:17
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2018
Ran by MichaelGD3 (20-04-2018 17:00:38)
Running from C:\Users\MichaelGD3\Desktop\vv
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-04 20:33:09)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3288293313-1438963180-3751763624-500 - Administrator - Disabled)
Guest (S-1-5-21-3288293313-1438963180-3751763624-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3288293313-1438963180-3751763624-1003 - Limited - Enabled)
JessicaG87 (S-1-5-21-3288293313-1438963180-3751763624-1001 - Limited - Enabled) => C:\Users\JessicaG87
MichaelGD3 (S-1-5-21-3288293313-1438963180-3751763624-1000 - Administrator - Enabled) => C:\Users\MichaelGD3
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
AS: IObit Malware Fighter (Disabled - Up to date) {977BC609-CCE5-593E-B50A-E8F88416181F}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0_1) (Version: 18.0.1 - Adobe Systems Incorporated)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.3.2333 - AVAST Software)
AX88772A (HKLM-x32\...\{9C010BB4-7BA9-423C-B369-1E4EDFCAD33B}) (Version: 1.05 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4417 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.3.0 - IObit)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.82 - NCH Software)
Facebook Gameroom 1.4.6366.18604 (HKLM-x32\...\{2F01827A-B2EC-4F28-AE83-DD605728ED85}) (Version: 1.4.6366.18604 - Facebook)
Google Chrome (HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP DeskJet 3700 series Basic Device Software (HKLM\...\{7DFAA225-8F8E-42A3-A215-EF1400BA6123}) (Version: 40.2.1085.16258 - HP Inc.)
HP DeskJet 3700 series Help (HKLM-x32\...\{9D10BAEF-4767-46EC-8A40-A6E75D84432C}) (Version: 40.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.8.47.1 - HP Inc.)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
InstallVC90Support (HKLM-x32\...\{6B9C32DB-DBCD-45A8-B901-3A92A99A2474}) (Version: 1.01.0000 - Novatel Wireless) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.13.125.1 - Intel Security)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.6 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.2.0.11 - IObit)
IOTransfer 2 (HKLM-x32\...\IOTransfer_is1) (Version: 2.0.1.5223 - IOTransfer)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.587.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.183 - McAfee, Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 6.3.9 - MP3 TechSupport Inc)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.1.0.28 - Symantec Corporation)
Octoshape add-in for Adobe Flash Player (HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Octoshape add-in for Adobe Flash Player) (Version:  - )
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Paltalk Messenger  11.8 (HKLM-x32\...\Paltalk Messenger) (Version: 11.8.672.18100 - AVM Software Inc.)
Password Recovery for Google (remove only) (HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\Password Recovery for Google) (Version:  - Reactive Software)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5705 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5705 - CyberLink Corp.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.63 - NCH Software)
Product Improvement Study for HP DeskJet 3700 series (HKLM\...\{B5883CEC-2E8A-442B-A9A2-012F5829995D}) (Version: 40.2.1085.16258 - HP Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.28162 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8199 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Registry Repair 5.0.1.87 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.87 - Glarysoft Ltd)
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RogueKiller version 12.12.13.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.13.0 - Adlice Software)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.8.5 - IObit)
Tinychat Installer (HKLM-x32\...\{7429088E-8008-4A3E-8377-7F1016DCBB22}) (Version: 1.0.2 - Tinychat Co.) Hidden
TSHostedAppLauncher (HKLM-x32\...\{F89BADB0-D319-470E-8024-443EE3A3402B}) (Version: 5.1.15.0 - Hewlett-Packard) Hidden
Unity Web Player (HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip 22.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24119}) (Version: 22.0.12706 - Corel Corporation)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.9B04 - ZTE Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\ChromeHTML: -> C:\Users\MichaelGD3\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\MichaelGD3\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MichaelGD3\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-03] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-03] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-03] (AVAST Software)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\19.1.0.28\NavShExt.dll [2011-08-13] (Symantec Corporation)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\19.1.0.28\NavShExt.dll [2011-08-13] (Symantec Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-03] (AVAST Software)
ContextMenuHandlers3: [LinkUpMenuExt] -> {B793E5EA-5344-488E-B98D-A18E2E5938AB} => C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\LinkUpExt64.dll [2011-05-06] (Hewlett-Packard)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-04-03] (AVAST Software)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\Windows\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\19.1.0.28\NavShExt.dll [2011-08-13] (Symantec Corporation)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2017-12-11] (WinZip Computing, S.L.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {00FD44D0-B2CF-48A7-9BCD-BECA381A2A02} - System32\Tasks\F
Task: {02394B8F-7DEB-4BA0-88FD-309053C95E6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {03FBCC25-660C-45C8-9BE1-776E36220552} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)
Task: {060F09D0-3306-4E1A-A8EE-AB94AF45F036} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {0A525986-BFA6-443E-AEAB-C3E6DD8CFACA} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-12-15] (McAfee, Inc.)
Task: {0B2E43C3-AED8-40D4-89C5-9392A126A775} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [2016-09-14] (HP Inc.)
Task: {0E807230-331B-4707-8FD7-C98BD0794748} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3288293313-1438963180-3751763624-1000Core => C:\Users\MichaelGD3\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {12794072-AB49-4443-AC17-1620CAF6CFD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {12D6401B-2F67-4D14-AE12-58DA4B239BF5} - System32\Tasks\{BFE39D3D-968D-42EC-B421-61676F40CCEA} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe" -c --uninstall
Task: {1350DB72-C9BC-4582-8A8A-CC419966A41C} - System32\Tasks\dd => C:\Users\MichaelGD3\Desktop\JellyRoll Feat. Lil Wyte POP ANOTHER PILL.mp3
Task: {14EDBE08-2FDF-4840-8669-7F9B0D29AE49} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-22] (Adobe Systems Incorporated)
Task: {1511A3EB-E334-4CDA-A0CC-8947E1D075B4} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-08-23] (CyberLink)
Task: {1DA29551-5DE3-41A2-AA9A-14616526938E} - System32\Tasks\{7424301F-37DD-4CF1-8CA6-05AF69C271FF} => C:\Windows\system32\pcalua.exe -a "C:\Users\MichaelGD3\Downloads\Adaware_Installer (1).exe" -d C:\Users\MichaelGD3\Downloads
Task: {3C6148AD-E490-4C41-9C8D-7CB81CC96D61} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe [2011-08-11] (Symantec Corporation)
Task: {3DC64CEC-98F0-4ECB-8173-6633FAC88837} - System32\Tasks\ddG
Task: {44E93C7D-3FC4-4D89-89ED-49326314101C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {45B1765D-D9C6-46E7-AEE6-3D751029F539} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2018-01-29] (IObit)
Task: {45E1E31F-B852-4D61-9DEB-5A78AFD3306B} - System32\Tasks\SafeZone scheduled Autoupdate 1483722876 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {4CBD695D-DA06-42FA-8ED5-0702599AD3E3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe [2011-08-13] (Symantec Corporation)
Task: {4D6A7210-EBF2-43E8-BFB6-56BB3DCD57AB} - System32\Tasks\IOTransfer SkipUAC (MichaelGD3) => C:\Program Files (x86)\IOTransfer\IOT\IOTransfer.exe [2017-12-21] (IOTransfer Studio)
Task: {55A8D5EB-0302-4C87-80D8-3B1399F565B9} - System32\Tasks\NCH Software\PrismDowngrade => C:\Program Files (x86)\NCH Software\Prism\prism.exe [2016-09-09] (NCH Software)
Task: {572C0FBC-A753-407B-B7AE-AD02CA71F18A} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2017-12-11] (WinZip)
Task: {58B33ACB-4A6B-46C2-BC8F-043E00A246CE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3288293313-1438963180-3751763624-1000UA => C:\Users\MichaelGD3\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {5BA5AA1E-6DEE-4B4F-A13B-D0BF6C221810} - System32\Tasks\HJGJGHJGHJHJGJ => C:\Users\MichaelGD3\Desktop\joymaids\Logos\jalin.png
Task: {63BF29D1-ABBF-4344-8125-0909159B134E} - System32\Tasks\Driver Booster SkipUAC (MichaelGD3) => C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe [2018-03-22] (IObit)
Task: {6C1C7B90-B919-40C1-AA1A-C8221FED83D9} - System32\Tasks\Uninstaller_Install_MichaelGD3 => C:\Program Files (x86)\IObit\Advanced SystemCare\IObitUninstaller.exe
Task: {75689172-4C73-45D2-A8F5-4C9554C58C7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {758B2989-964A-41F2-9DBE-71BEEF76C937} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\SymErr.exe [2011-08-11] (Symantec Corporation)
Task: {807FFFA8-1E31-4878-AB21-984B18A14223} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {81F0F46E-1D31-4FB6-BF5D-E99552F50DCE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-04-13] (AVAST Software)
Task: {86149163-E4C9-430C-A334-A6824782172A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {8D67AD59-80C2-4950-B82E-DDAC7433FF8D} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {9173A28C-CB64-4C60-82BA-D1E2184C8BEC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {9263A2AD-880E-4F78-BFE5-E60BF55DB762} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {9659A4B2-462A-4833-959E-C44AAC49168A} - System32\Tasks\HPCeeScheduleForMichaelGD3 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {9D1C1AC1-C3D1-40CE-9A0B-D9B02EC21BD3} - System32\Tasks\rrr => C:\Users\MichaelGD3\Desktop\ww.wav
Task: {9F16A0DC-0865-4BB2-A154-058572D84C1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2018-02-07] (HP Inc.)
Task: {A2C12348-16C0-4892-A6C4-FB465CDAED73} - System32\Tasks\tt => C:\Users\MichaelGD3\Desktop\ww.wav
Task: {AFCEFE04-07F5-489B-B336-C99A4C9B7EC4} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {B13D4F51-5E08-4EB5-8CF2-E767237CA594} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {B1844252-0D8F-4110-8C9C-E2B71E95982E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {B9DC3A93-D705-48A6-8556-B2C66792FB78} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {BFDA9E6F-6114-4A7F-9BED-32D10FD380E5} - System32\Tasks\xzxzxzxzxz => C:\Users\MichaelGD3\Desktop\jessica.png
Task: {C11D341E-0913-44E3-BD70-A38040968091} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_Plugin.exe [2018-03-13] (Adobe Systems Incorporated)
Task: {CB23B584-D4C6-49A9-BD87-5BA76BBD2AA9} - \ASC10_SkipUac_MichaelGD3 -> No File <==== ATTENTION
Task: {D8FFF4B6-84A2-4448-9C20-92B8A0935627} - System32\Tasks\qw => C:\Users\MichaelGD3\Documents\00000000.aup
Task: {DD0C3C0C-C2C8-4B5F-B90F-58B167F924C4} - System32\Tasks\x
Task: {E03C8235-7D6D-4BFE-BDD5-BDB4AAC9FD7E} - System32\Tasks\FDFD => C:\Users\MichaelGD3\Desktop\joymaids\Logos\jalin.png
Task: {E876C9FF-8591-48C9-B12B-D289CD172CB0} - \Driver Booster Scheduler -> No File <==== ATTENTION
Task: {EAE2E99A-5685-4073-90D5-96D1DE1E3FC5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-04-03] (AVAST Software)
Task: {EF1F85F1-90B3-44B1-8E39-8675942A8939} - System32\Tasks\AdobeAAMUpdater-1.0-MichaelGD3-HP-MichaelGD3 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {EFD53539-03A7-491E-ABB5-63424A6BB4CB} - System32\Tasks\bb => C:\Users\MichaelGD3\Desktop\Horror_Sound_Effects_-_Scary_Screams[Mp3Converter.net].mp3
Task: {F847A019-EC50-41D1-B695-2E4B6916E412} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\MichaelGD3\Documents\Virus Protection\adwcleaner_7.1.0.0.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMichaelGD3.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\MichaelGD3\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\895109189e38790\Google Chrome.lnk -> C:\Users\MichaelGD3\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-08-04 01:25 - 2015-08-04 01:25 - 000127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2018-04-19 13:44 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-19 13:44 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2018-04-03 12:12 - 2018-04-03 12:12 - 000920280 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2018-04-03 12:12 - 2018-04-03 12:12 - 000348888 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-04-03 12:12 - 2018-04-03 12:12 - 000329432 _____ () C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll
2016-10-25 10:57 - 2016-10-25 10:57 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000349912 _____ () C:\Program Files\AVAST Software\Avast\streamback_avast.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000295640 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000763608 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-04-03 12:12 - 2018-04-03 12:12 - 000911064 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-04-03 12:10 - 2018-04-03 12:10 - 000172760 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000969944 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-04-03 12:11 - 2018-04-03 12:11 - 000501464 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-04-20 13:19 - 2018-04-20 13:19 - 005817488 _____ () C:\Program Files\AVAST Software\Avast\defs\18042004\algo.dll
2017-01-19 13:52 - 2016-01-11 18:03 - 000899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
2017-01-19 13:52 - 2016-01-11 18:02 - 000630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
2018-03-01 19:04 - 2018-03-01 19:04 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-04-03 12:10 - 2018-04-03 12:10 - 000281816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:CD16517D [139]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\...\localhost -> localhost
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2017-07-14 21:12 - 000000871 _____ C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3288293313-1438963180-3751763624-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MichaelGD3\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: CalendarSynchService => 2
MSCONFIG\Services: GamesAppIntegrationService => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: iFunSoftUpdaterSvc => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: TrueKeyServiceHelper => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^MichaelGD3^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk => C:\Windows\pss\Facebook Gameroom.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MichaelGD3^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Cartridge Alerts - HP DJ 3700 series.lnk => C:\Windows\pss\Monitor Cartridge Alerts - HP DJ 3700 series.lnk.Startup
MSCONFIG\startupfolder: C:^Users^MichaelGD3^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupreg: Ad-Aware Antivirus => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
MSCONFIG\startupreg: Ad-Aware Browsing Protection => "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: avast => "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Google Update => C:\Users\MichaelGD3\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: MobiLink3 => C:\Program Files (x86)\Novatel Wireless\Virgin Mobile\MobiLink3.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinZip FAH => C:\Program Files\WinZip\FAHConsole.exe
MSCONFIG\startupreg: WinZip PreLoader => C:\Program Files\WinZip\WzPreloader.exe
MSCONFIG\startupreg: WinZip UN => C:\Program Files\WinZip\WZUpdateNotifier.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{B15A3B3F-79C5-4A54-94F0-F9670112EF74}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe
FirewallRules: [{F6DB8FC8-41E9-4FE3-9F5A-0552542CA8F5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe
FirewallRules: [{CF279F59-13E4-40D1-B0D8-1C3793EEC224}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{72523B42-DA4F-4316-802A-FB55CB87D42A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{1056C3DB-DD17-41A5-B7E3-BABDC8BBD93D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{082C0BD5-5ECF-4C4A-A59A-68607403955C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{8A5F243C-9F19-4439-BE59-7436B493948C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{8224FFBF-EEF2-4FE4-B469-37900DA0E530}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{98EC4ADE-716F-453E-8831-FA22FB3FC917}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5CEFDCDA-FFC7-4708-989F-C83FC174D122}] => (Allow) LPort=2869
FirewallRules: [{427FD195-1932-4B63-97FC-8F3219314E0F}] => (Allow) LPort=1900
FirewallRules: [{5702DC64-46B9-4EBA-9BA2-2008856831E7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{238077EA-F844-40C8-8334-705B8293EA5D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{A76E4529-3200-4766-A8AB-16631FBBAFF2}C:\users\michaelgd3\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe] => (Allow) C:\users\michaelgd3\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe
FirewallRules: [UDP Query User{4D08F874-555E-43A6-AF59-263C84C9F9F7}C:\users\michaelgd3\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe] => (Allow) C:\users\michaelgd3\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe
FirewallRules: [{950D5563-A83A-4018-9785-982F7D94515E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [TCP Query User{7749A4FB-50A5-46D1-A61D-383492F4E8E5}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{B1F37D4E-3FA9-4B83-B8A1-1508780CAE96}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [{E74660E2-E640-4AB4-A427-0C53C09A4104}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F44EDA0D-942A-4751-8DA5-4883FDC0B53F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D48AFDC-9A5D-4259-8544-AC72F58687D9}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe
FirewallRules: [{379C4ACA-23AD-4D56-88EF-4B89005E840A}] => (Allow) LPort=5357
FirewallRules: [{D65BA543-3F4D-49AB-8CED-5C29EF01277D}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{BAADE1FA-FE1E-4E6A-BA90-582EEB2C7DFF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{5351F145-7316-4FFD-9E17-EAA288D3F652}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{DFB16D24-F899-48EC-8713-FB1859BC222B}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{6E5F9DAB-D4E0-4743-95C3-AD13D1CA6E45}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [TCP Query User{7302731A-99D4-475A-9C35-08B078A2FF8B}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{CDA09F20-1EBF-4A6E-8C17-A902E2AAB872}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe
FirewallRules: [TCP Query User{920578AB-89FC-4E24-B3C9-282A8C3D4C87}C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{B60B7803-AA9E-4AB3-8495-CF4CA6C74CAF}C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{78AF170F-A527-4513-814C-A0B1D6951A8E}C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{35F2437D-5F9A-4C09-90E0-0C76384019B8}C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\michaelgd3\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{2DC49D3F-74DE-4F90-AF7C-45EB33E1245E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CD7887FA-3349-4459-AC5C-E0D4EA31BA42}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe
FirewallRules: [{1B77D14B-04D5-46EC-A6B8-82A835980C1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DriverBooster.exe
FirewallRules: [{0FCB66FE-B940-41BB-A309-EF936A85779F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DBDownloader.exe
FirewallRules: [{24261FC7-34CB-43C0-BA5B-2E24DF3CB0AA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\DBDownloader.exe
FirewallRules: [{8FE471BC-63BC-471D-A2D9-4FBF44467F3F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\AutoUpdate.exe
FirewallRules: [{92E6C3B2-7A19-48D1-8D70-27BCF0044263}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.3.0\AutoUpdate.exe
 
==================== Restore Points =========================
 
19-04-2018 13:39:04 Driver Booster : Realtek PCIe FE Family Controller
20-04-2018 12:31:33 BEFORE GOOGLE RESET
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/20/2018 01:36:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: ntdll.dll, version: 6.1.7601.24094, time stamp: 0x5abee643
Exception code: 0xc0000374
Fault offset: 0x00000000000bf6b2
Faulting process id: 0x1814
Faulting application start time: 0x01d3d8ce06b5c52e
Faulting application path: C:\Windows\explorer.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 5ee20e7c-44c1-11e8-bdcb-e89a8fdcf810
 
Error: (04/20/2018 01:35:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: ntdll.dll, version: 6.1.7601.24094, time stamp: 0x5abee643
Exception code: 0xc0000374
Fault offset: 0x00000000000bf6b2
Faulting process id: 0x620
Faulting application start time: 0x01d3d8cad1e50596
Faulting application path: C:\Windows\Explorer.EXE
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 3b042a5a-44c1-11e8-bdcb-e89a8fdcf810
 
Error: (04/20/2018 01:28:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: javaw.exe, version: 8.0.1610.12, time stamp: 0x5a39ba13
Faulting module name: ntdll.dll, version: 6.1.7601.24094, time stamp: 0x5abedfcd
Exception code: 0xc0000374
Fault offset: 0x000ce9fb
Faulting process id: 0x14f8
Faulting application start time: 0x01d3d8cd0b70310e
Faulting application path: C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaw.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 4ce134b6-44c0-11e8-bdcb-e89a8fdcf810
 
Error: (04/20/2018 01:24:59 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 
Error: (04/20/2018 01:04:02 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
 
Error: (04/20/2018 12:48:09 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Failed to process session change. System.ArgumentNullException: Value cannot be null.
   at System.Threading.Monitor.Enter(Object obj)
   at McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
   at McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
   at System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)
 
Error: (04/20/2018 12:38:37 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The operation timed out
 
Error: (04/20/2018 11:57:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: javaw.exe, version: 8.0.1610.12, time stamp: 0x5a39ba13
Faulting module name: ntdll.dll, version: 6.1.7601.24094, time stamp: 0x5abedfcd
Exception code: 0xc0000374
Fault offset: 0x000ce9fb
Faulting process id: 0x1a30
Faulting application start time: 0x01d3d8c04658a227
Faulting application path: C:\Program Files (x86)\Java\jre1.8.0_161\bin\javaw.exe
Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report Id: 89dd7269-44b3-11e8-a120-e89a8fdcf810
 
 
System errors:
=============
Error: (04/20/2018 04:58:50 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 24.38.130.36, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (04/20/2018 04:26:22 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 24.38.130.36, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (04/20/2018 01:25:19 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 24.38.130.36, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (04/20/2018 01:25:15 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (04/20/2018 01:16:12 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 24.38.130.36, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
Error: (04/20/2018 01:16:09 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (04/20/2018 01:16:09 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
 
Error: (04/20/2018 01:14:16 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: The DHCP allocator has disabled itself on IP address 24.38.130.36, since the IP address is outside the 192.168.137.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.
 
 
Windows Defender:
===================================
Date: 2013-07-12 16:24:18.175
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Adware:Win32/AddLyrics
ID:195750
Severity:Medium
Category:Adware
Path Found:bho:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F2D7DFB7-6D91-4BD7-846E-BEF9BC3BD81A};clsid:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F2D7DFB7-6D91-4BD7-846E-BEF9BC3BD81A};clsid:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{F2D7DFB7-6D91-4BD7-846E-BEF9BC3BD81A};file:C:\Program Files (x86)\LyricSing\116.dll;interface:HKLM\SOFTWARE\CLASSES\INTERFACE\{F13DE7FD-3272-424C-ABB4-03F0C5F620EC};regkey:HKLM\SOFTWARE\CLASSES\INTERFACE\{F13DE7FD-3272-424C-ABB4-03F0C5F620EC};regkey:HKLM\SOFTWARE\CLASSES\TYPELIB\{B30BFED2-3192-40D9-9CC5-0179FB663D5A}\1.0;regkey:HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{F2D7DFB7-6D91-4BD7-846E-BEF9BC3BD81A};regkey:HKLM\SOFTWARE\Wow6432Node\CLASSES\CLSID\{F2D7DFB7-6D91-4BD7-846E-BEF9BC3BD81A};regkey:HKLM\SOFTWARE\Wow6432Node\CLASSES\TYPELIB\{B30BFED2-3192-40D9-9CC5-0179FB663D5A}\1.0;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F2D7DFB7-6D91-4BD7-846E-BEF9BC3BD81A};typelibversion:HKLM\SOFTWARE\CLAS
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
 
Date: 2013-07-12 16:23:34.081
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Adware:Win32/AddLyrics
ID:195750
Severity:Medium
Category:Adware
Path Found:file:C:\Program Files (x86)\LyricSing\116.dll
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
 
Date: 2013-07-12 16:20:58.362
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Adware:Win32/AddLyrics
ID:195750
Severity:Medium
Category:Adware
Path Found:file:C:\Users\MichaelGD3\AppData\Local\Temp\ly.exe
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
 
Date: 2015-09-10 14:46:10.094
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
Signature version:1.205.1577.0
Engine version:1.1.11804.0
 
Date: 2015-09-10 14:36:55.183
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
Signature version:1.205.1577.0
Engine version:1.1.11804.0
 
Date: 2015-09-10 14:25:00.243
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
Signature version:1.205.1577.0
Engine version:1.1.11804.0
 
Date: 2015-09-10 14:18:36.774
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
Signature version:1.205.1577.0
Engine version:1.1.11804.0
 
Date: 2015-09-10 13:01:27.175
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Backup
Error Code:0x8050a004
Error description:This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
Signature version:1.205.1577.0
Engine version:1.1.11804.0
 
CodeIntegrity:
===================================
 
Date: 2017-01-19 13:59:01.162
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-01-19 13:59:00.575
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-01-19 13:14:53.617
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2017-01-19 13:14:53.055
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
Processor: AMD E-450 APU with Radeon™ HD Graphics
Percentage of memory in use: 83%
Total physical RAM: 3700.64 MB
Available physical RAM: 601.67 MB
Total Virtual: 7399.46 MB
Available Virtual: 4569.5 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:448.74 GB) (Free:348.45 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:16.92 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{4ca43ef7-7e52-11e1-a358-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AA598E86)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 

Attached Files



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:04:57 PM

Posted 20 April 2018 - 08:41 PM

Closing Duplicate.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users