Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Source: Access to C drive denied and downloads fail.


  • This topic is locked This topic is locked
2 replies to this topic

#1 Somohexual

Somohexual

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:45 PM

Posted 28 May 2018 - 04:22 PM

If I try to go to C or D drive I get

Location is not available

 

C:\ is not accessible (same for D:\)

Access is denied.


 

If I try to download anything at all I get

 

Failed - Download error

 

Everything works fine in Safe Mode.

 

I've tried using Malwarebytes, RKill, TDSSKiller, Hitman Pro, Avast Free Antivirus, AdwCleaner, and simply changing my computer permissions. Nothing is working and I have no idea why. :/

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Brandon (administrator) on BRANDON-PC (28-05-2018 12:19:29)
Running from C:\Users\Brandon\Desktop
Loaded Profiles: Brandon (Available Profiles: Brandon & UpdatusUser & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microvirt Software Technology Co. Ltd.) D:\Program Files\Microvirt\MEmu\MemuService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BitTorrent Inc.) C:\Users\Brandon\AppData\Roaming\uTorrent\uTorrent.exe
(Flux Software LLC) C:\Users\Brandon\AppData\Local\FluxSoftware\Flux\flux.exe
(Spotify Ltd) C:\Users\Brandon\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Brandon\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(BitTorrent Inc.) C:\Users\Brandon\AppData\Roaming\uTorrent\updates\3.5.3_44396\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-07-17] (Intel® Corporation)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1449984 2010-08-31] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-17] (AVAST Software)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-08-25] (cyberlink)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-02-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => D:\EaseUS Partition Master 12.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587800 2017-12-19] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\Run: [uTorrent] => C:\Users\Brandon\AppData\Roaming\uTorrent\uTorrent.exe [1983672 2018-04-17] (BitTorrent Inc.)
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\Run: [f.lux] => C:\Users\Brandon\AppData\Local\FluxSoftware\Flux\flux.exe [1024240 2016-12-05] (Flux Software LLC)
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\Run: [Spotify Web Helper] => C:\Users\Brandon\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-18] (Spotify Ltd)
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\Run: [GoogleChromeAutoLaunch_E39CDFEA4A38A6B3C5F413D26810AFC3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1586008 2018-05-14] (Google Inc.)
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\MountPoints2: {2e3e2152-65c6-11e3-9c97-ea0e6d546a88} - F:\OblivionLauncher.exe
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\MountPoints2: {2e3e2155-65c6-11e3-9c97-ea0e6d546a88} - G:\CD_Start.exe
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\...\MountPoints2: {9407db7f-ec14-11e4-8654-8f37ebbd4897} - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-03] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [149736 2018-01-03] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\progra~2\browse~1\sprote~1.dll => No File
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-03] (NVIDIA Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.86.1
Tcpip\..\Interfaces\{F2582219-FC48-4FD5-9DCC-8F72819CBF02}: [DhcpNameServer] 192.168.86.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2503403413-1387520261-2031820482-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2503403413-1387520261-2031820482-1001 -> DefaultScope {51953F3E-EAED-4ED3-9C0C-FBA4534DF15F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2503403413-1387520261-2031820482-1001 -> {51953F3E-EAED-4ED3-9C0C-FBA4534DF15F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-17] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-09] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22] (Microsoft Corporation)
BHO-x32: W2PBrowser Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17] ()
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-2503403413-1387520261-2031820482-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-02-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-03] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-09] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-09] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-09] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-02-22] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2503403413-1387520261-2031820482-1001: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2012-10-15] (The Happy Cloud)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default [2018-05-28]
CHR Extension: (Duolingo on the Web) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-01-15]
CHR Extension: (Flash Player) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2018-05-28]
CHR Extension: (Adblock Plus) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-26]
CHR Extension: (Adblock for Youtube™) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-14]
CHR Extension: (Tampermonkey) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-23]
CHR Extension: (Adobe Acrobat) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-06]
CHR Extension: (Avast SafePrice) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-05-28]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-05-28]
CHR Extension: (Full Page Screen Capture) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2018-05-27]
CHR Extension: (AdBlock) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-26]
CHR Extension: (Avast Online Security) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-20]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2017-01-15]
CHR Extension: (Forum Enhancer Kit) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\iejafjpfgdljeoclgemlojoeobgaaphm [2014-02-20]
CHR Extension: (Shardbound Stream Browser) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggggbjablhbpnnpjlagjclfofkjmaef [2017-02-26]
CHR Extension: (Image Autosizer) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbbmeeflfcjnbeelhinbnlmdjmekfhbm [2017-02-05]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-07-25]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2018-04-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Evernote Web Clipper) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-04]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-04-01]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-05-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-21]
CHR Extension: (Avast SafePrice) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-23]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-05-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-23]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-05-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-02-21]
CHR Extension: (Avast SafePrice) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-21]
CHR Extension: (Avast Online Security) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-23]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-05-01]
CHR Extension: (Slides) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-21]
CHR Extension: (Docs) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-21]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-13]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-13]
CHR Extension: (Google Search) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-21]
CHR Extension: (Avast SafePrice) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-03-25]
CHR Extension: (Sheets) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (Avast Online Security) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-04-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
CHR Extension: (Chrome Media Router) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-23]
CHR Profile: C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile [2016-11-18]
CHR Extension: (Google Slides) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-08]
CHR Extension: (Google Docs) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-08]
CHR Extension: (Google Drive) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-08]
CHR Extension: (YouTube) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-08]
CHR Extension: (Google Search) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-08]
CHR Extension: (Google Sheets) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-08]
CHR Extension: (Gmail) - C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-08]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-17] (AVAST Software)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [246256 2010-08-24] (CyberLink)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [408576 2010-08-31] (Red Bend Ltd.) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135488 2018-05-27] (SurfRight B.V.)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 MEmusvc; D:\Program Files\Microvirt\MEmu\MemuService.exe [269480 2017-12-15] (Microvirt Software Technology Co. Ltd.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-07-17] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-12-15] (Realtek Semiconductor)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [911872 2010-08-31] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3377904 2013-07-17] (Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-12] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-12] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-12] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-12] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [234560 2018-05-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-05-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-05-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-05-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-05-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-05-17] (AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-01-09] (Bluestack System Inc. )
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-04-26] (DT Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [24056 2016-01-14] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () [File not signed]
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-31] (REALiX™)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-05-28] (Malwarebytes)
R2 memudrv; D:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (Microvirt Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsl1258c7bc; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{122F51F1-8D83-41F4-9324-EC6FF0A08409}\MpKsl1258c7bc.sys [58120 2018-05-28] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [59240 2017-12-14] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-03] (NVIDIA Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-05-28] ()
S3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
U1 aswbdisk; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-28 11:38 - 2018-05-28 11:38 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-05-28 11:37 - 2018-05-28 11:37 - 000000020 ___SH C:\Users\UpdatusUser\ntuser.ini
2018-05-28 11:37 - 2018-05-28 11:37 - 000000000 ____D C:\Users\UpdatusUser\AppData\Local\CrashDumps
2018-05-28 10:31 - 2018-05-28 10:31 - 036617024 _____ (Adlice Software ) C:\Users\Brandon\Desktop\RogueKiller_setup.exe
2018-05-28 10:15 - 2018-05-28 10:15 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-05-27 19:51 - 2018-05-27 20:00 - 000233120 _____ C:\TDSSKiller.3.1.0.17_27.05.2018_19.51.34_log.txt
2018-05-27 18:16 - 2018-05-27 18:16 - 000001524 _____ C:\Windows\system32\.crusader
2018-05-27 17:10 - 2018-05-27 17:10 - 000001857 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2018-05-27 17:10 - 2018-05-27 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2018-05-27 17:10 - 2018-05-27 17:10 - 000000000 ____D C:\Program Files\HitmanPro
2018-05-27 17:09 - 2018-05-27 19:37 - 000000000 ____D C:\ProgramData\HitmanPro
2018-05-27 17:09 - 2018-05-27 17:09 - 011605440 _____ (SurfRight B.V.) C:\Users\Brandon\Desktop\HitmanPro_x64.exe
2018-05-27 17:08 - 2018-05-28 11:19 - 000000000 ____D C:\ProgramData\RogueKiller
2018-05-27 17:08 - 2018-05-28 10:32 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-05-27 17:08 - 2018-05-28 10:32 - 000000818 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-05-27 17:08 - 2018-05-28 10:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-05-27 17:07 - 2018-05-28 10:32 - 000000000 ____D C:\Program Files\RogueKiller
2018-05-27 15:31 - 2018-05-27 15:31 - 036675520 _____ (Adlice Software ) C:\Users\Brandon\Desktop\RogueKiller_setup_ref3.exe
2018-05-27 15:20 - 2018-05-27 15:21 - 000064123 _____ C:\Users\Brandon\Desktop\Addition.txt
2018-05-27 15:18 - 2018-05-28 12:20 - 000036228 _____ C:\Users\Brandon\Desktop\FRST.txt
2018-05-27 15:18 - 2018-05-28 12:19 - 000000000 ____D C:\FRST
2018-05-27 15:18 - 2018-05-27 15:18 - 002413056 _____ (Farbar) C:\Users\Brandon\Desktop\FRST64.exe
2018-05-27 15:17 - 2018-05-27 15:17 - 001773568 _____ (Farbar) C:\Users\Brandon\Desktop\FRST.exe
2018-05-27 15:17 - 2018-05-27 15:17 - 001773568 _____ (Farbar) C:\Users\Brandon\Desktop\FRST (1).exe
2018-05-27 15:13 - 2018-05-27 15:15 - 000231472 _____ C:\TDSSKiller.3.1.0.17_27.05.2018_15.13.54_log.txt
2018-05-27 15:13 - 2018-05-27 15:13 - 004949824 _____ (AO Kaspersky Lab) C:\Users\Brandon\Desktop\tdsskiller.exe
2018-05-26 22:08 - 2018-05-28 11:35 - 000000280 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2018-05-26 22:07 - 2018-05-28 11:35 - 000001708 _____ C:\Users\Brandon\Desktop\Rkill.txt
2018-05-26 22:07 - 2018-05-26 22:07 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Brandon\Downloads\rkill.exe
2018-05-26 22:07 - 2018-05-26 22:07 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Brandon\Downloads\rkill64.exe
2018-05-26 22:06 - 2018-05-26 22:08 - 000000000 ____D C:\AdwCleaner
2018-05-26 22:06 - 2018-05-26 22:06 - 007271632 _____ (Malwarebytes) C:\Users\Brandon\Downloads\AdwCleaner.exe
2018-05-26 18:54 - 2018-05-26 18:54 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-26 18:54 - 2018-05-26 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-26 18:54 - 2018-03-19 12:57 - 000076192 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-05-26 18:45 - 2018-05-28 10:48 - 001784230 _____ C:\Windows\ntbtlog.txt
2018-05-25 22:20 - 2018-05-25 22:20 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-05-17 18:02 - 2018-05-17 18:02 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-13 10:14 - 2018-05-13 10:14 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Sun
2018-05-13 10:14 - 2018-05-13 10:14 - 000000000 ____D C:\Users\Guest\AppData\LocalLow\Sun
2018-05-13 10:09 - 2018-05-13 10:09 - 000000000 ____D C:\Users\Guest\AppData\Local\VirtualStore
2018-05-09 01:35 - 2018-04-22 04:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 01:35 - 2018-04-22 03:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 01:34 - 2018-04-23 14:57 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-09 01:34 - 2018-04-23 14:02 - 000348832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 01:34 - 2018-04-22 20:35 - 005583552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 01:34 - 2018-04-22 20:35 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 01:34 - 2018-04-22 20:35 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-09 01:34 - 2018-04-22 20:35 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-05-09 01:34 - 2018-04-22 20:35 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-05-09 01:34 - 2018-04-22 20:12 - 004047040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-05-09 01:34 - 2018-04-22 20:12 - 003958464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-05-09 01:34 - 2018-04-22 20:10 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-09 01:34 - 2018-04-22 20:07 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000512512 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 20:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:44 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-05-09 01:34 - 2018-04-22 19:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:32 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-05-09 01:34 - 2018-04-22 19:32 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-09 01:34 - 2018-04-22 19:32 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-05-09 01:34 - 2018-04-22 19:31 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-05-09 01:34 - 2018-04-22 19:28 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-05-09 01:34 - 2018-04-22 19:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-05-09 01:34 - 2018-04-22 19:27 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-05-09 01:34 - 2018-04-22 19:25 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-05-09 01:34 - 2018-04-22 19:24 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-05-09 01:34 - 2018-04-22 19:24 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-05-09 01:34 - 2018-04-22 19:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-05-09 01:34 - 2018-04-22 19:23 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-05-09 01:34 - 2018-04-22 19:23 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-05-09 01:34 - 2018-04-22 19:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-05-09 01:34 - 2018-04-22 19:19 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-05-09 01:34 - 2018-04-22 19:19 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-09 01:34 - 2018-04-22 19:19 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-05-09 01:34 - 2018-04-22 19:19 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-05-09 01:34 - 2018-04-22 19:18 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-05-09 01:34 - 2018-04-22 19:18 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:18 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:18 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 19:18 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-05-09 01:34 - 2018-04-22 03:53 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-05-09 01:34 - 2018-04-22 03:53 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-05-09 01:34 - 2018-04-22 03:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 01:34 - 2018-04-22 03:39 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-05-09 01:34 - 2018-04-22 03:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 01:34 - 2018-04-22 03:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-05-09 01:34 - 2018-04-22 03:38 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-05-09 01:34 - 2018-04-22 03:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-05-09 01:34 - 2018-04-22 03:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 01:34 - 2018-04-22 03:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-05-09 01:34 - 2018-04-22 03:30 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-05-09 01:34 - 2018-04-22 03:27 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-05-09 01:34 - 2018-04-22 03:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 01:34 - 2018-04-22 03:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 01:34 - 2018-04-22 03:26 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-05-09 01:34 - 2018-04-22 03:26 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-05-09 01:34 - 2018-04-22 03:18 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-05-09 01:34 - 2018-04-22 03:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-05-09 01:34 - 2018-04-22 03:15 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-05-09 01:34 - 2018-04-22 03:08 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-05-09 01:34 - 2018-04-22 03:08 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-05-09 01:34 - 2018-04-22 03:07 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-05-09 01:34 - 2018-04-22 03:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 01:34 - 2018-04-22 03:04 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-05-09 01:34 - 2018-04-22 03:04 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-05-09 01:34 - 2018-04-22 03:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-05-09 01:34 - 2018-04-22 03:03 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-05-09 01:34 - 2018-04-22 03:03 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-05-09 01:34 - 2018-04-22 03:02 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-05-09 01:34 - 2018-04-22 03:02 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-05-09 01:34 - 2018-04-22 03:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 01:34 - 2018-04-22 03:00 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-05-09 01:34 - 2018-04-22 02:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-05-09 01:34 - 2018-04-22 02:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-05-09 01:34 - 2018-04-22 02:55 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-05-09 01:34 - 2018-04-22 02:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 01:34 - 2018-04-22 02:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 01:34 - 2018-04-22 02:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-05-09 01:34 - 2018-04-22 02:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 01:34 - 2018-04-22 02:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 01:34 - 2018-04-22 02:49 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-09 01:34 - 2018-04-22 02:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 01:34 - 2018-04-22 02:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 01:34 - 2018-04-22 02:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-05-09 01:34 - 2018-04-22 02:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-05-09 01:34 - 2018-04-22 02:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-05-09 01:34 - 2018-04-22 02:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-05-09 01:34 - 2018-04-22 02:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-05-09 01:34 - 2018-04-22 02:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-05-09 01:34 - 2018-04-22 02:37 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-05-09 01:34 - 2018-04-22 02:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-05-09 01:34 - 2018-04-22 02:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-05-09 01:34 - 2018-04-22 02:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 01:34 - 2018-04-22 02:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 01:34 - 2018-04-22 02:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 01:34 - 2018-04-22 02:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 01:34 - 2018-04-22 02:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 01:34 - 2018-04-22 02:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 01:34 - 2018-04-22 02:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-05-09 01:34 - 2018-04-22 02:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 01:34 - 2018-04-22 02:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 01:34 - 2018-04-22 02:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 01:34 - 2018-04-22 02:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 01:34 - 2018-04-22 02:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 01:34 - 2018-04-18 12:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 01:34 - 2018-04-18 12:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-05-09 01:34 - 2018-04-18 11:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 01:34 - 2018-04-18 11:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-05-09 01:34 - 2018-04-18 11:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-05-09 01:34 - 2018-04-18 11:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-05-09 01:34 - 2018-04-11 12:38 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 01:34 - 2018-04-11 12:38 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 01:34 - 2018-04-11 12:36 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 01:34 - 2018-04-11 12:36 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 01:34 - 2018-04-10 15:45 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 01:34 - 2018-04-10 12:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-05-09 01:34 - 2018-04-10 12:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-05-09 01:34 - 2018-04-10 12:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 01:34 - 2018-04-10 12:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 01:34 - 2018-04-10 12:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 01:34 - 2018-04-10 12:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 01:34 - 2018-04-10 12:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-05-09 01:34 - 2018-04-10 11:54 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 01:34 - 2018-04-10 11:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-05-09 01:34 - 2018-04-10 11:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 01:34 - 2018-04-10 11:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-05-09 01:34 - 2018-04-07 12:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-05-09 01:34 - 2018-03-18 18:16 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-05-09 01:34 - 2018-03-18 18:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-05-09 01:34 - 2018-03-14 13:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 01:34 - 2018-03-14 13:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 01:34 - 2018-03-14 13:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 01:34 - 2018-03-14 13:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 01:34 - 2018-03-14 13:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-05-09 01:34 - 2018-03-14 12:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 01:34 - 2018-03-14 12:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 01:34 - 2018-03-14 12:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 01:34 - 2018-03-14 12:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-05-09 01:34 - 2018-03-14 12:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 01:34 - 2018-03-14 12:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 01:34 - 2018-03-14 12:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 01:34 - 2018-03-14 12:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 01:34 - 2018-03-14 12:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 01:34 - 2018-03-14 12:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 01:34 - 2018-03-14 12:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-04 19:16 - 2018-05-04 19:16 - 000275264 _____ C:\Windows\Minidump\050418-26816-01.dmp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-28 12:20 - 2016-11-05 19:39 - 000000000 ____D C:\Users\Brandon\AppData\Roaming\uTorrent
2018-05-28 12:19 - 2012-12-25 21:54 - 000000000 ____D C:\Users\Brandon\AppData\Local\CrashDumps
2018-05-28 11:46 - 2009-07-14 00:45 - 000014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-28 11:46 - 2009-07-14 00:45 - 000014144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-28 11:42 - 2009-07-14 01:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-28 11:42 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-05-28 11:39 - 2018-03-25 12:07 - 000000000 ____D C:\Users\Brandon\AppData\LocalLow\uTorrent
2018-05-28 11:37 - 2015-06-22 11:29 - 000000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-05-28 11:37 - 2013-02-17 14:30 - 000000000 ____D C:\Users\UpdatusUser
2018-05-28 11:37 - 2010-12-22 05:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-28 11:36 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-28 10:26 - 2013-02-16 16:27 - 000000000 ____D C:\Users\Brandon\AppData\Local\ElevatedDiagnostics
2018-05-27 18:17 - 2013-12-22 13:21 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Pro
2018-05-26 22:08 - 2013-05-01 10:34 - 000000000 ____D C:\ProgramData\IObit
2018-05-23 18:18 - 2013-11-22 18:16 - 000000000 ____D C:\ProgramData\ProductData
2018-05-22 22:04 - 2018-03-17 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-17 18:20 - 2012-12-25 10:35 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 18:09 - 2012-12-25 10:34 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-17 18:09 - 2012-12-25 10:34 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-17 18:03 - 2018-02-09 11:32 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-17 18:02 - 2018-02-09 11:31 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-17 18:02 - 2018-02-09 11:31 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-17 18:01 - 2018-02-09 11:31 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-17 18:01 - 2018-02-09 11:31 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-13 10:38 - 2018-03-25 12:12 - 000002119 _____ C:\Users\Guest\Desktop\Google Chrome.lnk
2018-05-13 10:14 - 2018-03-25 12:12 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2018-05-10 23:47 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\rescache
2018-05-09 23:51 - 2009-07-14 00:45 - 000281496 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 23:27 - 2013-11-19 10:38 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 23:18 - 2017-12-11 04:42 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 23:18 - 2013-02-17 13:27 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-09 01:25 - 2018-03-13 20:25 - 000004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-09 01:25 - 2013-02-18 19:56 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-09 01:25 - 2013-02-18 19:56 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-09 01:25 - 2013-02-18 19:56 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-05-09 01:25 - 2013-02-18 19:56 - 000000000 ____D C:\Windows\system32\Macromed
2018-05-09 01:25 - 2010-12-22 05:57 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-05-04 19:16 - 2013-01-17 12:19 - 000000000 ____D C:\Windows\Minidump
 
==================== Files in the root of some directories =======
 
2013-05-29 19:37 - 2013-05-29 19:37 - 000168960 _____ () C:\Program Files (x86)\Aga.Controls.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000562688 _____ () C:\Program Files (x86)\Aga.Controls.pdb
2013-05-29 19:37 - 2013-05-29 19:37 - 000129536 _____ (EQATEC A/S) C:\Program Files (x86)\EQATEC.Profiler.RuntimeFullNet.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000492032 _____ (Dino Chiesa) C:\Program Files (x86)\Ionic.Zip.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000765440 _____ () C:\Program Files (x86)\Ionic.Zip.pdb
2013-05-29 19:37 - 2013-05-29 19:37 - 000909019 _____ () C:\Program Files (x86)\Ionic.Zip.xml
2013-05-29 19:37 - 2013-05-29 19:37 - 000061440 _____ (JacksonSoft) C:\Program Files (x86)\JacksonSoft.CustomTabControl.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000007850 _____ () C:\Program Files (x86)\layout.xml
2013-05-29 19:37 - 2013-05-29 19:37 - 000001357 _____ () C:\Program Files (x86)\License - Aga.Controls.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 000000534 _____ () C:\Program Files (x86)\License - Algorithmia.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 000011530 _____ () C:\Program Files (x86)\License - CustomTabControl.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 000001109 _____ () C:\Program Files (x86)\License - DockPanel.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 000002693 _____ () C:\Program Files (x86)\License - Ionic.Zip.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 000001126 _____ () C:\Program Files (x86)\License - zlib.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 003211264 _____ (The Open Toolkit Library) C:\Program Files (x86)\OpenTK.Compatibility.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 003256320 _____ (The Open Toolkit Library) C:\Program Files (x86)\OpenTK.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000024576 _____ (The Open Toolkit Library) C:\Program Files (x86)\OpenTK.GLControl.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000027648 _____ (ItzWarty) C:\Program Files (x86)\RAFLib2.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000056832 _____ () C:\Program Files (x86)\RAFLib2.pdb
2013-05-29 19:37 - 2013-05-29 19:37 - 000011776 _____ () C:\Program Files (x86)\RAFlibPlus.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000000088 _____ () C:\Program Files (x86)\README.txt
2013-05-29 19:37 - 2013-05-29 19:37 - 003383808 _____ () C:\Program Files (x86)\SlimDX.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000447488 _____ (Weifen Luo) C:\Program Files (x86)\WeifenLuo.WinFormsUI.Docking.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000065536 _____ (ItzWarty) C:\Program Files (x86)\wGUI.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000165376 _____ () C:\Program Files (x86)\wGUI.pdb
2013-05-29 19:37 - 2013-05-29 19:37 - 000066048 _____ (ItzWarty) C:\Program Files (x86)\wLib.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000066048 _____ (ItzWarty) C:\Program Files (x86)\wLib.dll.eqbak
2013-05-29 19:37 - 2013-05-29 19:37 - 000061440 _____ (ComponentAce) C:\Program Files (x86)\zlib.net.dll
2013-05-29 19:37 - 2013-05-29 19:37 - 000122368 _____ () C:\Program Files (x86)\zlib.net.pdb
2017-05-20 21:47 - 2017-06-25 20:18 - 000000776 _____ () C:\Users\Brandon\AppData\Local\Nox_crash.log
2014-02-21 20:57 - 2014-02-21 20:57 - 000001523 _____ () C:\Users\Brandon\AppData\Local\PDLSetup.20140221.195754.txt
2015-06-23 16:11 - 2015-06-23 16:11 - 000007597 _____ () C:\Users\Brandon\AppData\Local\Resmon.ResmonCfg
2013-12-01 20:44 - 2013-12-01 20:45 - 000032546 _____ () C:\Users\Brandon\AppData\Local\WiDiSetupLog.20131201.194424.wdl
2014-02-20 12:52 - 2014-02-20 12:54 - 000029125 _____ () C:\Users\Brandon\AppData\Local\WiDiSetupLog.20140220.115226.wdl
 
Some files in TEMP:
====================
2018-05-27 17:08 - 2018-04-22 20:07 - 001665336 _____ (Microsoft Corporation) C:\Users\Brandon\AppData\Local\Temp\dllnt_dump.dll
2018-02-21 13:45 - 2018-03-17 12:01 - 000492544 _____ () C:\Users\Brandon\AppData\Local\Temp\s3.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-18 19:33
 
  1. ==================== End of FRST.txt ============================

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Windows Defender:
===================================
Date: 2017-12-10 11:03:04.920
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{47F1C682-43CF-4CB7-8580-903198A07728}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
Date: 2015-10-10 00:56:05.467
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:BrowserModifier:Win32/Diplugem
ID:213571
Severity:High
Category:Browser Modifier
Path Found:file:C:\Program Files (x86)\YoutubeAdblocker\47uMYgy.dat;file:C:\Program Files (x86)\YoutubeAdblocker\47uMYgy.tlb;file:C:\ProgramData\YoutubeAdblocker\mrSfisej.dat;file:C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\neadphceaoaeekdphlenpfjifmoeopbe\2.19\G7u_2YS.js;file:C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\neadphceaoaeekdphlenpfjifmoeopbe\2.19\G7u_2YS.js;file:C:\Users\Brandon\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\neadphceaoaeekdphlenpfjifmoeopbe\2.19\G7u_2YS.js;folder:C:\Program Files (x86)\YoutubeAdblocker\;folder:C:\ProgramData\YoutubeAdblocker\
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe
 
Date: 2015-08-19 09:55:02.111
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:BrowserModifier:Win32/Diplugem
ID:213571
Severity:High
Category:Browser Modifier
Path Found:file:C:\ProgramData\YoutubeAdblocker\mrSfisej.exe;regkey:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507};uninstall:HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe
 
Date: 2015-08-01 08:35:29.605
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:BrowserModifier:Win32/CouponRuc
ID:207024
Severity:High
Category:Browser Modifier
Path Found:clsid:HKLM\SOFTWARE\CLASSES\CLSID\{A1E46116-1E06-2557-6130-70B02842FBFD};file:C:\Program Files (x86)\YoutubeAdblocker\47uMYgy.x64.dll;regkey:HKLM\SOFTWARE\CLASSES\CLSID\{A1E46116-1E06-2557-6130-70B02842FBFD}
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:c:\program files\windows defender\MpCmdRun.exe
 
Date: 2015-12-27 22:01:28.044
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{9BA2409B-D53E-4D5B-A903-A2488BD951E0}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2013-10-22 10:27:11.223
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-22 10:27:11.223
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-19 21:45:56.220
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-19 21:45:56.218
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-19 21:45:56.216
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-19 21:45:56.203
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-19 21:45:56.201
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
Date: 2013-10-19 21:45:56.198
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 56%
Total physical RAM: 6056.29 MB
Available physical RAM: 2647.5 MB
Total Virtual: 12110.75 MB
Available Virtual: 8531.02 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:350.43 GB) (Free:15.2 GB) NTFS
Drive d: () (Fixed) (Total:327.9 GB) (Free:208.39 GB) NTFS
 
\\?\Volume{55a6c1cf-0e3e-11e0-a99d-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{ed7546c6-4d73-11e2-beb6-806e6f6e6963}\ (SAMSUNG_REC) (Fixed) (Total:20.2 GB) (Free:0.94 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A926DF55)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=350.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.2 GB) - (Type=27)
Partition 4: (Not Active) - (Size=327.9 GB) - (Type=0F Extended)
 
==================== End of Addition.txt ============================

Edited by Somohexual, 28 May 2018 - 04:31 PM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:45 PM

Posted 02 June 2018 - 04:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> https://www.bleepingcomputer.com/logreply/678265 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:45 PM

Posted 07 June 2018 - 04:30 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users